anythingllm-skill-builder
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides templates for shell scripts (deploy.sh) and instructions for manual command execution (docker cp) to facilitate the deployment of generated skill folders into a containerized AnythingLLM environment.
- [EXTERNAL_DOWNLOADS]: The templates include references to external API endpoints hosted on the EasyPanel platform (easypanel.host). These are used for service integration and are consistent with the author's specified infrastructure and the skill's primary use case.
- [PROMPT_INJECTION]: The skill generates plugin metadata, including descriptions and examples, which are subsequently interpreted by the LLM to manage tool invocation. While this provides a surface for indirect prompt injection, the risk is inherent to the plugin architecture of the target platform and no malicious patterns were found in the templates.
Audit Metadata