deepvista-recipe

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the deepvista CLI tool to perform various operations such as listing, getting, running, and exporting recipes. These commands are executed by the agent to interact with the DeepVista service.
  • [EXTERNAL_DOWNLOADS]: The skill references and directs the agent to display URLs from app.deepvista.ai. This is used to provide users with links to execution runs and memory contexts within the vendor's web application.
  • [PROMPT_INJECTION]: The deepvista recipe run command supports an --input parameter designed to provide context or instructions for a workflow run. This represents an indirect prompt injection surface where data from untrusted sources could be used to influence the agent's actions during the execution of a recipe.
      • Ingestion points: The --input argument in the deepvista recipe run command (SKILL.md).
      • Boundary markers: No specific delimiters or safety instructions are defined for the input content.
      • Capability inventory: The agent can execute CLI commands, search the web, and modify context cards (SKILL.md).
      • Sanitization: No sanitization or validation logic is specified for the input data.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 05:25 AM