mdplane-curl
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill consists entirely of markdown files with no executable scripts or code.
- [COMMAND_EXECUTION] (SAFE): It provides guidance for performing API requests via curl and includes rules to protect against credential exposure in logs.
- [DATA_EXFILTRATION] (SAFE): Network activity is confined to the service's primary domain (api.mdplane.dev).
- [PROMPT_INJECTION] (SAFE): The skill ingests data from external API responses, which is an inherent risk surface for indirect prompt injection, but no actual threats were identified. Ingestion point: API responses from api.mdplane.dev; Boundaries: None; Capabilities: curl; Sanitization: None.
Audit Metadata