api-radar

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the processing of untrusted external data.
  • Ingestion points: The skill fetches PR metadata, commit messages, and file contents using gh pr view, gh search commits, and gh api in SKILL.md (Step 1).
  • Boundary markers: There are no specified delimiters or 'ignore embedded instructions' directives used when passing external content to the LLM for analysis.
  • Capability inventory: The skill has access to gh, git, and python3 for repository analysis and data processing.
  • Sanitization: No sanitization or filtering of fetched repository content is performed before the agent analyzes it to generate documentation.
  • [COMMAND_EXECUTION]: The skill executes local commands to interact with the system and process data.
  • Evidence: SKILL.md explicitly authorizes the use of gh, git, base64, jq, and python3.
  • Specific Pattern: Uses a Python heredoc (`python3 <<'PY' ...`) to decode Base64 content fetched from the GitHub API (Step 1).
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from remote sources.
  • Evidence: Uses gh api and gh pr view to download repository metadata and file contents from GitHub.
  • Status: These operations target GitHub, which is a well-known and trusted service for this skill's intended purpose.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 04:11 PM