Skills
skills/aaaaqwq/claude-code-skills/api-provider-setup/Gen Agent Trust Hub

api-provider-setup

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFE
Full Analysis
  • [CREDENTIALS_UNSAFE] (SAFE): The skill provides configuration templates for API keys. It uses safe placeholders like sk-your-api-key and sk-xxx, which do not constitute hardcoded credentials.
  • [COMMAND_EXECUTION] (SAFE): The skill involves running administrative commands (gateway config.patch, gateway restart) which are necessary for the primary purpose of configuring the application.
  • [PROMPT_INJECTION] (SAFE): No evidence of direct prompt injection, system prompt extraction, or safety filter bypasses was detected in the markdown instructions.
  • [INDIRECT_PROMPT_INJECTION] (SAFE): While the skill establishes a connection to third-party API providers (which are potential ingestion points for external data), it is a standard configuration utility for that purpose.
  • Ingestion points: User-provided baseUrl and apiKey values.
  • Boundary markers: None specified in the JSON configuration templates.
  • Capability inventory: Modifies local JSON configuration and restarts the gateway service.
  • Sanitization: Not explicitly defined in this skill; relies on the underlying application (gateway) to handle configuration data safely.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 08:56 PM