api-reference-guide
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Full Analysis
- [Data Exposure & Exfiltration] (SAFE): The skill uses industry-standard placeholders like 'YOUR_API_KEY' and 'api.example.com'. No real credentials or sensitive data are exposed.
- [Unverifiable Dependencies & Remote Code Execution] (SAFE): While the documentation contains code snippets (Python, Node.js, Go, Bash), these are provided as examples for documentation purposes and are not intended for local execution by the agent. No remote script fetching occurs.
- [Privilege Escalation] (SAFE): No instructions for the agent to run local system commands or modify the environment are present.
- [Prompt Injection] (SAFE): No adversarial prompts or bypass instructions were detected.
- [Metadata Poisoning] (SAFE): Metadata accurately describes the skill's purpose and does not contain hidden instructions.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata