apiiro-risks

Pass

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests data from the Apiiro platform via CLI commands, such as apiiro risks. This data originates from external sources, creating a potential surface for indirect prompt injection if the ingested risk findings contain malicious instructions.
  • Ingestion points: Data enters the agent's context through the output of apiiro risks and apiiro risks get commands in SKILL.md.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are defined for the CLI output.
  • Capability inventory: The agent is permitted to execute the apiiro CLI tool for data retrieval.
  • Sanitization: There is no explicit sanitization or validation of the CLI output before it is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 22, 2026, 10:30 AM