skills/answerzhao/agent-skills/LLM/Gen Agent Trust Hub

LLM

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill imports a non-standard and unverified dependency 'z-ai-web-dev-sdk'.
      • Evidence: Found in scripts/chat.ts at line 1.
      • This package is not from a trusted organization or repository. Third-party SDKs from unknown sources can execute arbitrary code during installation or runtime, posing a supply chain risk.
  • PROMPT_INJECTION (LOW): The skill exhibits an attack surface for indirect prompt injection by directly interpolating user input into the chat context.
      • Ingestion points: The prompt parameter in the main function within scripts/chat.ts.
      • Boundary markers: Absent. User input is passed directly in the message array without delimiters or safety instructions to the model.
      • Capability inventory: The skill calls a chat completion method (zai.chat.completions.create), which could be manipulated by adversarial input to produce misleading or harmful content.
      • Sanitization: None. There is no escaping or validation of the prompt string before it is processed by the AI SDK.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 06:18 PM