ray-skill
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- [NO_CODE] (SAFE): The skill documentation is provided in Markdown format and does not include any accompanying Python, Node.js, or shell scripts.\n- [PROMPT_INJECTION] (LOW): Potential surface for Indirect Prompt Injection (Category 8) detected.\n
- Ingestion points: The skill processes user-supplied data in various fields such as
values,content, andlabelwithin thelog,custom, andtablepayload types.\n - Boundary markers: Absent; there are no instructions provided to separate user-provided content from instructions or to ignore embedded commands.\n
- Capability inventory: The skill specifies network operations (HTTP POST) targeting a local debugging server (
localhost).\n - Sanitization: Absent; the skill does not include any guidance or requirements for sanitizing or escaping the data before it is sent to the Ray application.
Audit Metadata