Skills
skills/akillness/oh-my-skills/genkit/Gen Agent Trust Hub

genkit

Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to install official framework packages from the NPM registry.
  • Evidence: Installation commands for genkit-cli, genkit, and @genkit-ai/google-genai are provided in SKILL.md.
  • [COMMAND_EXECUTION]: The skill utilizes official CLI tools and local script execution for development and workflow management.
  • Evidence: Instructions include running genkit start, genkit flow:run, and genkit eval:flow.
  • Evidence: Uses npx tsx to execute local TypeScript code, which is the standard runtime pattern for the framework.
  • [PROMPT_INJECTION]: The skill facilitates building workflows that ingest untrusted user input, presenting a surface for indirect prompt injection (Category 8).
  • Ingestion points: User data enters the AI flows through the input parameters in genkit flow:run (documented in SKILL.md).
  • Boundary markers: None explicitly defined in the provided command examples.
  • Capability inventory: The skill has access to Bash and Write tools to interact with the environment.
  • Sanitization: No specific input sanitization or validation guidelines are included in the instructions for the generated flows.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 19, 2026, 02:13 AM