vastai-workflow

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXFILTRATION]: The skill uses curl to interact with the official Vast.ai API at console.vast.ai. This network activity is necessary for the intended functionality and targets a well-known service.
  • [CREDENTIALS_UNSAFE]: The skill references the VAST_API_KEY environment variable. It contains explicit instructions to prevent the exposure of this key by forbidding the agent from echoing or printing it.
  • [PROMPT_INJECTION]: The skill processes data from external API responses, which constitutes an indirect prompt injection surface.
      ◦ Ingestion points: JSON responses from the console.vast.ai API endpoints (SKILL.md, references/api.md).
      ◦ Boundary markers: No specific natural language delimiters are provided, but the skill relies on JSON structure and explicitly requires JSON validation before processing.
      ◦ Capability inventory: The skill can perform network requests and manage the lifecycle (creation, stopping, and destruction) of cloud compute instances.
      ◦ Sanitization: The instructions mandate that JSON responses must be validated before they are used in subsequent workflow steps.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 13, 2026, 05:17 PM