spl-to-apl
Pass
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: LOW
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): While the README.md mentions a configuration file (
~/.axiom.toml) and environment variables (AXIOM_PLAY_*), it does so in a legitimate instructional context. No scripts in the skill attempt to read these secrets or send them over the network. - [Unverifiable Dependencies & Remote Code Execution] (LOW): The
.meta/spl-to-apl.eval.tsfile imports standard dependencies (dotenv) for local evaluation. The installation instructions in README.md refer to a known, trusted source (axiomhq/skills). - [Indirect Prompt Injection] (LOW): The skill processes untrusted input (SPL queries) to produce APL queries. While it has an ingestion surface (Category 8), its capability inventory is strictly 'display only' in its primary use case as a translator. The evaluation harness (
.meta/spl-to-apl.eval.ts) executes queries, but only against a controlled Axiom Playground environment for testing. - [Obfuscation] (SAFE): No encoded commands, zero-width characters, or homoglyphs were detected across the 9 analyzed files.
- [Privilege Escalation] (SAFE): No commands requiring sudo, chmod, or administrative privileges are present.
- [Metadata Poisoning] (SAFE): Skill metadata in
SKILL.mdis descriptive and matches the skill's stated purpose.
Audit Metadata