Skills
skills/basedhardware/omi/omi-api-integration/Gen Agent Trust Hub

omi-api-integration

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill handles untrusted external content (memories, transcripts) with high-impact capabilities.
  • Ingestion points: GET /v1/dev/user/memories and POST /webhook/transcript in SKILL.md.
  • Boundary markers: Absent; the instructions do not specify delimiters or instructions to ignore embedded commands in ingested content.
  • Capability inventory: edit_memory, delete_memory, and create_action_item tools are defined for data modification.
  • Sanitization: Absent; no filtering of retrieved content is specified.
  • Data Exposure (LOW): Makes network requests to api.omi.me, which is not a whitelisted domain, though it is the intended service endpoint.
  • Credentials (INFO): Correctly uses placeholders like omi_dev_your_key_here instead of exposing actual secrets.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 01:15 PM