omni-model-builder
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill integrates with official vendor infrastructure. It uses the
omniCLI tool and interacts with theomniapp.codomain, which are legitimate resources associated with the skill's author,exploreomni.- [SAFE]: External documentation references point to the official GitHub repository for the Omni CLI (exploreomni/cli), which is a trusted vendor resource.- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by reading external data which is then used in subsequent operations. - Ingestion points: Retrieval of model YAML and topic definitions via
omni models yaml-getandomni models get-topicinSKILL.md. - Boundary markers: Absent; there are no instructions for the agent to treat retrieved YAML content as potentially untrustworthy or to use delimiters.
- Capability inventory: The skill possesses capabilities for model modification (
omni models yaml-create), query execution (omni query run), and branch merging (omni models merge-branch). - Sanitization: No content sanitization or validation routines for retrieved model data are described in the instructions.
Audit Metadata