perigon-api-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (LOW): The skill documentation describes endpoints that process external news and Wikipedia data, which could contain adversarial instructions. Ingestion points: News articles, stories, and Wikipedia content from api.perigon.io (referenced in articles-search.md and wikipedia-knowledge.md). Boundary markers: Absent in the provided examples. Capability inventory: HTTP requests to LLM-powered endpoints like /v1/summarize. Sanitization: None mentioned for external content.
- Data Exposure & Exfiltration (LOW): The skill documentation describes network operations to api.perigon.io, which is not on the predefined whitelist. While these operations are necessary for the skill's primary purpose, they are noted as a non-standard network endpoint.
Audit Metadata