Skills
skills/infer-events/skills/infer-analytics/Gen Agent Trust Hub

infer-analytics

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill executes a bash script that performs network requests via npm view to fetch version metadata for the @inferevents/sdk and @inferevents/mcp packages.
  • [COMMAND_EXECUTION]: Includes a bash script that manages a local cache file in ~/.infer/ and uses npm ls to inspect the local environment for installed package versions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from external analytics tools and instructs the agent to present it verbatim to the user without boundary markers or sanitization.
  • Ingestion points: Data returned by analytics tools (get_event_counts, get_retention, get_user_journey) as described in SKILL.md.
  • Boundary markers: Absent; the instructions explicitly state to "ALWAYS present the tool output verbatim".
  • Capability inventory: Uses shell execution for update checks and the AskUserQuestion tool for user interaction (SKILL.md).
  • Sanitization: Absent; external tool output is presented directly in the agent's response.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 05:28 AM