Skills
skills/jimmylv/bibigpt-skill/bibi/Gen Agent Trust Hub

bibi

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFECOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the bibi binary to perform its primary tasks, including summarization and authentication checks.
  • [REMOTE_CODE_EXECUTION]: The tool includes a self-update feature that downloads and executes code from the vendor's servers to keep the CLI tool current.
  • [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection as it retrieves and processes transcripts or subtitles from arbitrary URLs which may contain malicious instructions.
  • Ingestion points: Data enters via the bibi summarize "<URL>" command in SKILL.md.
  • Boundary markers: No specific delimiters or warnings to ignore embedded instructions are present in the provided skill files.
  • Capability inventory: The skill executes the bibi binary and can access environment variables.
  • Sanitization: There is no evidence of sanitization or content filtering of the fetched transcripts before they are returned to the agent context.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 10, 2026, 09:51 AM