omni-content-builder
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill correctly handles sensitive credentials by instructing users to set them as environment variables (
OMNI_API_KEY), avoiding hardcoded secrets. - [SAFE]: All network operations are conducted via
curlto the user-specified$OMNI_BASE_URLfor the legitimate purpose of API interaction with the Omni platform. - [SAFE]: The instructions and reference files do not contain any evidence of prompt injection, obfuscation, or unauthorized access to the host system's sensitive files.
- [SAFE]: While the skill reads data from an external API (
GET /api/v1/documents) to use as templates, which theoretically exposes a surface for indirect prompt injection, this is standard functionality for content management tools and carries low risk within the defined API scope.
Audit Metadata