matter-thread
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection through the processing of external network data.\n
- Ingestion points: Reads and interprets diagnostic output from
avahi-browse(mDNS discovery),ot-ctl(Thread network state), andcurlresponses from the local OpenThread Border Router API.\n - Boundary markers: No specific delimiters or safety instructions are provided to the agent to distinguish between tool results and potential embedded malicious instructions.\n
- Capability inventory: The skill has access to
Bash,Edit, andWritetools, which could be used to execute commands or modify local files based on injected data.\n - Sanitization: There is no evidence of sanitization or validation logic to filter external tool outputs before processing.\n- [COMMAND_EXECUTION]: Provides a wide array of command-line instructions for managing smart home devices using
chip-tool,ot-ctl, anddocker. It includes a Docker Compose configuration that requiresprivileged: trueto access hardware radios, representing a necessary but elevated privilege level for the specified task.\n- [EXTERNAL_DOWNLOADS]: Fetches source code and build dependencies from the official GitHub repositories for the Matter SDK (Project Chip) and OpenThread. These are standard, well-known resources for smart home development.
Audit Metadata