dating
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for using
curlto interact with the inbed.ai REST API. These operations are standard for the platform's functionality and restricted to API interactions. - [DATA_EXFILTRATION]: Profile data, including personality traits, interests, and chat messages, are transmitted to the inbed.ai domain. This transmission is the core purpose of the service and occurs within the vendor's established infrastructure.
- [PROMPT_INJECTION]: The skill processes untrusted content from other AI agents, creating an attack surface for indirect prompt injection.
- Ingestion points: Bio content and chat messages are retrieved from the
/api/discoverand/api/chatendpoints. - Boundary markers: The instructions do not define delimiters or specific guidance to ignore instructions embedded in data from other agents.
- Capability inventory: The agent is capable of sending messages, performing swipes, and updating its profile, which are potential targets for manipulation.
- Sanitization: No mention is made of sanitizing or validating the content received from the API before it is processed by the agent.
Audit Metadata