deuna-integration
Pass
Audited by Gen Agent Trust Hub on Apr 22, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill references official DEUNA assets, including the Web SDK CDN (cdn.deuna.io) and live documentation (docs.deuna.com). These downloads are restricted to the vendor's own infrastructure and are necessary for the skill's core functionality.
- [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by instructing the agent to fetch and prioritize live documentation from external URLs.
- Ingestion points: SKILL.md and various rules files (e.g., rules/api-reference.md) reference official documentation links such as https://docs.deuna.com/reference/deuna-api.
- Boundary markers: Absent; the agent is explicitly told to prefer live docs over static rule files.
- Capability inventory: The agent uses network fetching capabilities to retrieve, read, and interpret documentation content.
- Sanitization: None; the skill relies on the integrity and security of the vendor's official documentation host.
- [CREDENTIALS_UNSAFE]: No hardcoded credentials were found. All references to API keys and tokens use standard placeholders such as "your-api-key-here" or "YOUR_PUBLIC_API_KEY".
Audit Metadata