federation
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
DATA_EXFILTRATION
Full Analysis
- Data Exposure & Exfiltration (LOW): The skill contains example 'curl' commands for testing WebFinger, NodeInfo, and actor endpoints. These constitute network operations to non-whitelisted domains (e.g., site.com), which should be monitored if executed by an agent.
- Indirect Prompt Injection (LOW): The skill describes the ActivityPub protocol, which is a mechanism for ingesting data from untrusted external actors (the Fediverse).
  - Ingestion points: Incoming activities via the 'inbox' and dereferencing external URIs.
  - Boundary markers: None specified for AI agent context.
  - Capability inventory: References PHP handlers and transformers for data processing.
  - Sanitization: Mentions HTML sanitization but lacks specific safeguards against malicious instructions embedded in federated content.
- SAFE (SAFE): No malicious scripts, obfuscation, or persistence mechanisms were found. The skill is strictly instructional.