Skills
skills/hubblevision/hubble-data-service-skill/cn-kline/Gen Agent Trust Hub

cn-kline

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses curl commands to perform network operations.
  • [DATA_EXFILTRATION]: Requests are sent to an external, non-whitelisted IP address (43.167.234.49).
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface. 1. Ingestion points: API responses from 43.167.234.49 (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: curl command execution. 4. Sanitization: Absent; no validation of external API response content.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 02:51 PM