openapi-to-typescript
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFENO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill processes untrusted user-provided data (OpenAPI files) which could contain malicious instructions hidden in metadata or description fields intended to influence the agent's behavior.
- Ingestion points: Local OpenAPI JSON or YAML files read by the agent (defined in SKILL.md Workflow).
- Boundary markers: Absent. The skill does not explicitly instruct the agent to ignore or delimit embedded instructions within the schema content.
- Capability inventory: The skill allows the agent to write files to the local filesystem (defaulting to types/api.ts).
- Sanitization: Absent. Validation is limited to OpenAPI versioning (3.0.x) and structural existence of required fields, but does not sanitize the text content of descriptions or keys for injection patterns.
Audit Metadata