coda
Pass
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious patterns or security risks were identified in the skill instructions or the implementation script. The logic is restricted to document export tasks as described.- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill requires a Coda API token but manages it securely by accepting it via environment variables or command-line arguments rather than hardcoding. Network activity is limited to communication with the official Coda API (coda.io).- [INDIRECT_PROMPT_INJECTION]: The skill processes content from an external source (Coda API), which constitutes an attack surface for indirect prompt injection.
- Ingestion points:
scripts/coda_export.pyfetches page data from the Coda API. - Boundary markers: Exported Markdown files are prefixed with a header containing metadata (Page ID and browser link), which helps distinguish document metadata from content.
- Capability inventory: The script's operations are limited to
urllib.request.urlopen(GET only) andpathlib.Path.write_text. It does not contain capabilities for subprocess execution, dynamic code evaluation, or unauthorized network exfiltration. - Sanitization: Filenames are sanitized using regex to remove potentially dangerous characters, and the Coda content is explicitly mapped to Markdown styles via a formatting function.
Audit Metadata