openapi-to-typescript
Pass
Audited by Gen Agent Trust Hub on Feb 19, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill is designed to ingest and process untrusted data from external OpenAPI specifications, which serve as an attack surface for indirect prompt injection.
- Ingestion points: Reads local OpenAPI files (JSON/YAML) provided by the user in the Workflow section of SKILL.md.
- Boundary markers: Absent. The instructions do not specify any delimiters or warnings to the agent to ignore instructions embedded within the OpenAPI schema's description fields.
- Capability inventory: File-write capability (the skill writes generated code to types/api.ts or a custom path).
- Sanitization: Absent. The logic extracts string values (like descriptions) directly from the input file and incorporates them into the output code without sanitization.
Audit Metadata