dust-call-agent
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the
dustCLI utility to facilitate communication with other agents and external integrations. This is standard functionality for this vendor's tools. - [PROMPT_INJECTION]: The skill provides a surface for indirect prompt injection by reading from external sources like Slack, Notion, and Google Drive.
- Ingestion points: External content retrieved through
dust chatcommands. - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the skill body.
- Capability inventory: The skill can execute CLI commands and perform actions in connected services via the
dusttool. - Sanitization: No content sanitization or validation is implemented for the data retrieved from external integrations.
Audit Metadata