opik-connect

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the opik connect CLI to execute local scripts, which is the core functionality for running an agent locally while connected to the Opik UI.
  • [EXTERNAL_DOWNLOADS]: The instructions and examples rely on the opik library and CLI tools. Additionally, standard development dependencies such as fastapi, uvicorn, express, and tsx are utilized.
  • [PROMPT_INJECTION]: The skill provides templates for creating web server endpoints that accept user input from URL parameters. This design creates a surface for indirect prompt injection, as the agent processes data from external sources.
      • Ingestion points: SKILL.md (FastAPI and Express server endpoints).
      • Boundary markers: Absent; there are no specific delimiters or instructions to ignore embedded prompts in the data ingestion logic.
      • Capability inventory: Includes local script execution and server hosting capabilities.
      • Sanitization: No input validation or sanitization is shown in the provided code snippets.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 11:49 AM