Skills
skills/fioenix/huly-skill/huly-assist/Gen Agent Trust Hub

huly-assist

Pass

Audited by Gen Agent Trust Hub on Mar 25, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or unauthorized exfiltration of sensitive data were identified during the analysis.
  • [COMMAND_EXECUTION]: The skill defines various shell commands using the huly binary (or node dist/index.js) to interact with the Huly API. This is the primary mechanism for its functionality.
  • [EXTERNAL_DOWNLOADS]: The skill lists @hcengineering/api-client as a required package, which is retrieved from the GitHub Packages registry.
  • [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it retrieves and displays content (task titles, descriptions, and document bodies) that could contain malicious instructions from the Huly workspace.
  • Ingestion points: huly tasks, huly task, and huly docs read (SKILL.md).
  • Boundary markers: None defined to isolate external data from the agent's instruction stream.
  • Capability inventory: Shell command execution via the huly CLI for workspace management; file system read access for uploading task descriptions or document content.
  • Sanitization: The skill documentation does not specify any sanitization or validation of data fetched from Huly.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 25, 2026, 05:11 AM