omni-content-explorer
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses
curlto perform REST API requests toOMNI_BASE_URL. These commands are used for standard content browsing, searching, and management operations within the user's Omni environment. - [PROMPT_INJECTION]: The skill is subject to potential indirect prompt injection (Category 8). 1. Ingestion points: The agent retrieves content metadata via
GET /api/v1/contentandGET /api/v1/documents. 2. Boundary markers: The skill does not define delimiters or instructions to ignore instructions embedded in the retrieved data. 3. Capability inventory: The agent can create folders and manage document labels through the API based on the retrieved information. 4. Sanitization: There is no evidence of data validation or sanitization of the API responses before they are processed by the agent.
Audit Metadata