ai-sdk
Pass
Audited by Gen Agent Trust Hub on Apr 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes standard development tools and package managers for environment setup and model discovery.
  - Recommends using `pnpm`, `npm`, or `yarn` to install the `ai` package.
  - Uses `curl` and `jq` to fetch and filter the latest model IDs from a Vercel-managed endpoint.
  - Employs `grep` to search for documentation and API definitions within the project's `node_modules`.
- [EXTERNAL_DOWNLOADS]: Accesses official Vercel resources to provide accurate, up-to-date information.
  - Fetches model metadata from `https://ai-gateway.vercel.sh` to prevent reliance on hardcoded or outdated model names.
  - Searches documentation at `https://ai-sdk.dev` when local files are not present or sufficient.
- [PROMPT_INJECTION]: Includes instructions for the agent to ignore its internal knowledge regarding the AI SDK.
  - This grounding technique is used to prioritize the provided documentation and source code over potentially obsolete training data, which is a defensive measure against hallucinated or deprecated APIs.
- [INDIRECT_PROMPT_INJECTION]: The skill has an ingestion surface for potentially untrusted data through documentation lookups.
  - Ingestion points: Reads local project files (`package.json`), bundled SDK documentation (`node_modules/ai/docs/`), and remote search results from `ai-sdk.dev`.
  - Boundary markers: No explicit delimiters are specified for the documentation content processed by the agent.
  - Capability inventory: The skill has access to shell commands (`curl`, `grep`), file system reads, and package installation tools.
  - Sanitization: There are no mentioned processes for sanitizing or validating the content of the fetched documentation before the agent acts upon it.
Audit Metadata