hono-llm-docs
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOW
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- EXTERNAL_DOWNLOADS (LOW): The skill references external URLs (hono.dev) for documentation. Fetching remote content is the core purpose, but it introduces a dependency on the availability and integrity of those external resources.
- PROMPT_INJECTION (LOW): Category 8 (Indirect Prompt Injection) surface identified. Ingestion point: Remote .txt files specified in YAML frontmatter and markdown. Boundary markers: None defined to isolate external content from agent instructions. Capability inventory: The skill suggests using firecrawl.scrape to ingest content; the target agents (nova, grizz) typically have high-privilege capabilities including code execution. Sanitization: No sanitization or validation of the remote content is mentioned. While the source is a known framework, the pattern of unbuffered external data ingestion represents a vulnerability surface.