spaceship-domains
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill possesses a high-severity vulnerability surface for indirect prompt injection due to its expansive write and financial capabilities.
- Ingestion points: Processes domain names, DNS record values, and contact details from user prompts or external sources like lists or configuration files.
- Boundary markers: The skill's instructions do not call for any boundary markers or delimiters to isolate untrusted input data.
- Capability inventory: Contains tools for financial operations (register_domain, renew_domain, transfer_domain) and destructive/critical record modification (save_dns_records, delete_dns_records, update_nameservers).
- Sanitization: Lacks any instructions or mechanisms for validating or sanitizing the data received from external sources before it is passed to the API tools.
- [Financial Operations] (LOW): The skill can trigger financial expenditures. While the instructions require human-in-the-loop confirmation, the automated handling of pricing and registration commands increases the risk of accidental or malicious spending if the agent is misled.
Recommendations
- AI detected serious security threats
Audit Metadata