Skills
skills/kunhai-88/skills/ai-sdk/Gen Agent Trust Hub

ai-sdk

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill utilizes shell commands like grep and glob to search within the node_modules directory for documentation and source code. While intended for searching SDK references, it involves shell interaction based on user queries.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill fetches content from https://ai-sdk.dev. Per the [TRUST-SCOPE-RULE], Vercel is a trusted organization, so these external references are downgraded to safe/low severity.
  • [PROMPT_INJECTION] (LOW): Category 8 (Indirect Prompt Injection) surface identified. The skill ingests data from external URLs and local files which could contain malicious instructions. Evidence: 1. Ingestion points: ai-sdk.dev and local node_modules. 2. Boundary markers: Absent. 3. Capability inventory: grep, glob, generateText. 4. Sanitization: Absent.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:39 PM