trustlayer-sybil-scanner
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [SAFE]: The skill operates as a reputation auditing tool, which is consistent with its name and documentation. All external interactions are conducted via documented API endpoints belonging to the tool's infrastructure.\n- [EXTERNAL_DOWNLOADS]: Fetches reputation metadata and risk scores from api.thetrustlayer.xyz. This is a primary functional requirement for the skill's described purpose.\n- [COMMAND_EXECUTION]: Uses curl to perform API requests. The commands are static and do not incorporate unvalidated user input into shell execution in a dangerous manner.\n- [INDIRECT_PROMPT_INJECTION]: The skill processes data from an external API, creating a theoretical injection surface.\n
- Ingestion points: Data enters the context via curl responses from api.thetrustlayer.xyz in SKILL.md.\n
- Boundary markers: Absent; the skill relies on JSON structure for field extraction.\n
- Capability inventory: Shell utilities (curl, grep, cut, echo) are used for data processing in the provided examples.\n
- Sanitization: No explicit sanitization of the API response is present, though processing is limited to specific JSON keys.
Audit Metadata