copilotkit-develop

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill documents how application data is ingested into the agent's context through useAgentContext and useFrontendTool. This creates a surface for indirect prompt injection from untrusted application data, but it is a primary function of the library, and the skill provides standard developer documentation for implementing it.
  • Ingestion points: useAgentContext (shares JSON-serializable values), useFrontendTool (parameters passed to handlers).
  • Capability inventory: Subprocess calls and file access depend on the specific tools implemented by the developer using the library; the library itself provides only the transport layer.
  • Boundary markers: The documentation refers to Zod schemas for parameter validation, which act as a data-level boundary.
  • Sanitization: Not explicitly covered in snippets, though the use of Zod for parameter validation is recommended in the examples.
  • [COMMAND_EXECUTION]: The evaluation configuration (eval.yaml) contains standard setup commands for a Docker environment, including apt-get update and the installation of git and jq. These are standard tools and do not represent a security risk within the context of the skill's testing framework.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 10:22 PM