Skills
skills/know-your-people/dispatch-skill/haah/Gen Agent Trust Hub

haah

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill processes incoming natural language requests from external users via the heartbeat API, which presents a surface for indirect prompt injection attacks where malicious instructions could be embedded in queries.
  • Ingestion points: Untrusted data enters the agent context through the inbox.requests array returned by the GET /heartbeat endpoint.
  • Boundary markers: The instructions specify clear display attribution for the human but lack internal delimiters or 'ignore' instructions for the agent when processing the query content.
  • Capability inventory: Across its workflows, the skill can read local data from integrated skills (Peeps, Nooks, Pages, Vibes, Digs) and perform network transmissions to the api.haah.ing endpoint.
  • Sanitization: No input sanitization or validation of the natural language query content is specified.
  • [DATA_EXFILTRATION]: The skill transmits information to the vendor's API at api.haah.ing. It is designed to access information from other local context skills to draft replies, though the agent is strictly instructed to wait for human confirmation before sending.
  • [EXTERNAL_DOWNLOADS]: Installation instructions provided in the README fetch the skill's logic from the vendor's GitHub repository.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 01:51 AM