developing-genkit-dart

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE
REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, DATA_EXFILTRATION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [REMOTE_CODE_EXECUTION]: The installation guide suggests piping a script from the vendor's domain to bash (curl -sL cli.genkit.dev | bash) to install the Genkit CLI.
  • [COMMAND_EXECUTION]: The skill documentation includes examples of running the genkit CLI and utilizing npx to launch Model Context Protocol (MCP) servers like @modelcontextprotocol/server-filesystem.
  • [DATA_EXFILTRATION]: The documentation for FilesystemMiddleware describes tools (read_file, write_file, list_files) that allow an agent to access and modify the local file system.
  • [EXTERNAL_DOWNLOADS]: The skill references external resources including the genkit-cli npm package and various Dart dependencies from pub.dev.
  • [PROMPT_INJECTION]: The framework's design for data ingestion creates a surface for indirect prompt injection.
      (1) Ingestion points: The FilesystemPlugin reads local files into the prompt context, and defineRemoteAction processes external HTTP inputs.
      (2) Boundary markers: The provided examples do not show delimiters around ingested data or instructions telling the model to disregard directives embedded in it.
      (3) Capability inventory: The skill enables file modification, network requests, and external tool execution via plugins.
      (4) Sanitization: No explicit sanitization or validation is shown for external data processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 10:40 AM