api
Pass
Audited by Gen Agent Trust Hub on May 5, 2026
Risk Level: SAFE PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill facilitates the ingestion of external data by documenting how to retrieve processed text from documents via the DeepRead API. This creates an indirect prompt injection surface where malicious instructions within processed documents could potentially influence the agent's actions.
  - Ingestion points: Data enters the context through the `result.text` or `text_url` fields in the `/v1/jobs/{job_id}` endpoint responses (documented in SKILL.md).
  - Boundary markers: The documentation does not specify the use of delimiters or clear boundaries to distinguish extracted data from agent instructions.
  - Capability inventory: The skill is configured in the frontmatter with access to `Bash`, `Read`, and `Write` tools, which could be targeted by successful injection.
  - Sanitization: No mention of sanitization or filtering of the extracted document text is present in the API documentation.
Audit Metadata