Skills
skills/getstream/agent-skills/stream-docs/Gen Agent Trust Hub

stream-docs

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions direct the agent to automatically execute an installation command using npx skills add if it detects that the core 'stream' skill is missing from the environment. This installation is performed without user confirmation using the -y flag, but it is restricted to the official repository of the skill author.
  • [EXTERNAL_DOWNLOADS]: The skill fetches live markdown documentation content from the official getstream.io domain to provide up-to-date answers. It also installs additional skill modules from the GetStream/agent-skills repository on GitHub as needed.
  • [COMMAND_EXECUTION]: The agent uses filesystem inspection tools such as ls, grep, and cat to read project manifest files (e.g., package.json, go.mod, pubspec.yaml). This is used to automatically resolve the product, framework, and version for documentation searches based on the user's current project.
  • [PROMPT_INJECTION]: The skill processes external data from live web documentation, which represents an indirect prompt injection surface.
  • Ingestion points: Fetches markdown pages from getstream.io (SKILL.md).
  • Boundary markers: The skill does not define explicit delimiters or instructions to ignore embedded commands within the fetched documentation text.
  • Capability inventory: The skill has access to several shell commands via Bash, including the ability to install other skills.
  • Sanitization: There is no mention of sanitizing or escaping the fetched content before it is integrated into the agent's context. However, the data source is restricted to the official vendor domain.
Audit Metadata
Risk Level
SAFE
Analyzed
May 3, 2026, 01:40 AM