Skills
skills/availproject/nexus-elements/nexus-elements-overview/Gen Agent Trust Hub

nexus-elements-overview

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references an external registry at https://elements.nexus.availproject.org/r/{name}.json. While this appears to be the legitimate repository for the Avail project, the domain is not on the pre-approved trusted sources list.
  • [PROMPT_INJECTION] (LOW): (Category 8: Indirect Prompt Injection) The skill instructions create a vulnerability surface where a compromised remote registry could influence agent behavior.
  • Ingestion points: The agent is instructed to fetch and process JSON data from https://elements.nexus.availproject.org/r/{name}.json.
  • Boundary markers: Absent. There are no instructions to validate or sanitize the incoming JSON content before processing.
  • Capability inventory: The skill explicitly directs the agent to perform file writes (create each file in files[].target with files[].content) and dependency installation based on the remote data.
  • Sanitization: Absent. If an attacker gains control of the registry content, they could inject malicious code or secondary prompt instructions into the content fields which the agent would then write to the user's local filesystem.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 08:39 AM