infer-insights
Pass
Audited by Gen Agent Trust Hub on Apr 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a bash script intended for execution by the agent to perform update checks. The script queries the npm registry for the latest versions of @inferevents/sdk and @inferevents/mcp and maintains a local cache in ~/.infer/. This is a standard utility function for developer tools.\n- [DATA_EXFILTRATION]: Network activity is limited to version checks against the public npm registry. No sensitive data, credentials, or personal information are transmitted externally.\n- [PROMPT_INJECTION]: The skill processes event data and user journey logs, which are external inputs. While this presents a surface for indirect prompt injection, it is considered a low-risk inherent property of data processing skills in this context.\n
- Ingestion points: Event names, event counts, and user journey metadata retrieved via get_event_counts and get_user_journey tool calls in SKILL.md.\n
- Boundary markers: Absent.\n
- Capability inventory: Shell script execution (bash) and tool calls for data retrieval.\n
- Sanitization: Not explicitly implemented; data is processed as raw tool output for analysis.
Audit Metadata