airtop-agents

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE, COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns or unauthorized access attempts were detected. The skill operates within the expected scope of an API-based management tool for Airtop agents.
  • [COMMAND_EXECUTION]: The skill uses curl and jq via the Bash tool to perform REST API calls to the vendor's infrastructure for agent listing and invocation (SKILL.md).
  • [CREDENTIALS_UNSAFE]: The skill retrieves the AIRTOP_API_KEY from environment variables or a local .env file, facilitating standard authentication management for developer tools (SKILL.md).
  • [DATA_EXFILTRATION]: Outbound network activity is exclusively limited to the official vendor domain api.airtop.ai.
  • [PROMPT_INJECTION]: The skill ingests data from agent output, creating a surface for indirect prompt injection. Ingestion points: agent invocation result endpoint (SKILL.md). Boundary markers: absent. Capability inventory: Bash tool (SKILL.md). Sanitization: absent. This is a low-risk vulnerability inherent to the skill's primary function.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 06:40 PM