http_client
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides technical documentation and examples for the
stdx.net.httpextension library. All described functions and code snippets (e.g.,ClientBuilder,HttpRequestBuilder) represent standard and expected behavior for a network client library. - [DATA_EXFILTRATION]: While the skill enables network communication (GET, POST, etc.), this is its primary stated purpose. The code examples use generic domains like
example.comand demonstrate routine API interactions without attempting to access or leak sensitive local files. - [SAFE]: The skill contains a vulnerability surface for indirect prompt injection because it fetches untrusted content from the network.
- Ingestion points: Response bodies are ingested and processed in
SKILL.md(e.g., sections 2, 4.2, 5.2, 6.2) using methods likeStringReader(resp.body).readToEnd(). - Boundary markers: No boundary markers or delimiters for external content are shown in the provided examples.
- Capability inventory: The skill provides full HTTP client capabilities, including multiple request methods, custom headers, and proxy configuration.
- Sanitization: No sanitization or validation of the retrieved response body is demonstrated in the examples.
Audit Metadata