skills/assistant-ui/skills/cloud/Gen Agent Trust Hub

cloud

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): Automated scanners identified a malicious phishing URL cloud.threads.me associated with the skill's references or metadata. This represents a significant security risk.
  • EXTERNAL_DOWNLOADS (LOW): The skill documentation requires the installation of the assistant-cloud npm package. Since this package and its organization are not on the trusted sources list, it is considered an unverified dependency (severity reduced from MEDIUM as it is the primary purpose of the skill).
  • DATA_EXFILTRATION (SAFE): The skill is designed to transmit thread history and message content to api.assistant-ui.com. While this domain is not whitelisted, the data transmission is functional and necessary for the core persistence features described (severity reduced from LOW).
  • PROMPT_INJECTION (LOW): The skill implements an indirect prompt injection surface by ingesting and rendering chat history from an external API (Category 8).
      • Ingestion points: references/persistence.md (via cloud.threads.messages(threadId).list())
      • Boundary markers: Absent in the provided implementation examples.
      • Capability inventory: Network-based read and write access to conversation history.
      • Sanitization: Documentation does not specify any sanitization or escaping protocols for external data before it is processed by the agent.
Recommendations
  • AI detected serious security threats
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 17, 2026, 04:56 PM