deepvista-chat
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill installs the
deepvista-clipackage using theuvinstaller from the vendor's infrastructure to provide the required binary tools. - [COMMAND_EXECUTION]: Operates by executing the
deepvistaCLI command to perform session management and messaging tasks. - [DATA_EXFILTRATION]: Sends user-provided messages and session identifiers to
cli.deepvista.aito facilitate the chat service; this is the intended primary function of the skill. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because the agent is capable of searching the web and internal knowledge bases. Malicious instructions embedded in those external sources could potentially influence the agent's behavior during a chat session.
- Ingestion points: Reads data from web searches and a user-controlled knowledge base (referenced in SKILL.md).
- Boundary markers: None explicitly defined in the provided command structures to separate untrusted external data from system instructions.
- Capability inventory: Executes shell commands via the
deepvistabinary which can perform network requests and data retrieval. - Sanitization: Not specified in the skill documentation; relies on the underlying agent's own safety filters.
Audit Metadata