cometchat-core

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE, PROMPT_INJECTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill facilitates the handling of untrusted data from external chat messages which could contain malicious instructions.
      • Ingestion points: The skill processes chat messages and user data using @cometchat/chat-sdk-javascript types such as CometChat.BaseMessage and CometChat.TextMessage as described in SKILL.md.
      • Boundary markers: None identified. There are no instructions for using delimiters or warnings to ignore embedded instructions within the message data.
      • Capability inventory: The agent has access to powerful tools including executeBash, readFile, fileSearch, and listDirectory as defined in the frontmatter.
      • Sanitization: No sanitization, escaping, or validation of the incoming chat content is mentioned before it enters the agent's context.
  • [REMOTE_CODE_EXECUTION]: Instructions involve the download and execution of vendor-specific tooling and resources.
      • Recommends the installation of vendor CLI tools via npx @cometchat/skills-cli production-auth for authentication setup.
      • Suggests adding a remote Model Context Protocol (MCP) server from https://www.cometchat.com/docs/mcp to access live documentation.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 28, 2026, 02:50 AM