dzaleka-online-services-api

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUM
DATA_EXFILTRATION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [Indirect Prompt Injection] (MEDIUM): The skill ingests untrusted data from the Dzaleka API into the agent context, creating a surface for injection attacks.
      • Ingestion points: Data is retrieved from all endpoints defined in references/endpoints.md, specifically the news and docs collections.
      • Boundary markers: Absent. There are no instructions for the agent to use delimiters or ignore instructions within the API response.
      • Capability inventory: The skill facilitates network GET requests to retrieve information.
      • Sanitization: Absent. The schema in references/schemas.md allows for Markdown and HTML in the content field, which is a common vector for hiding malicious instructions.
  • [Data Exposure & Exfiltration] (LOW): The skill performs network operations to an external domain not on the trusted whitelist.
      • Evidence: SKILL.md and references/endpoints.md specify https://services.dzaleka.com/api as the target for data retrieval.
  • [No Code] (INFO): No executable scripts were found in the skill; it consists entirely of documentation and examples.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 16, 2026, 08:06 AM