ledda
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill fetches markdown documentation and reference guides from the vendor's base URL. This content is used to inform the agent's understanding of available API endpoints and workflows at runtime.
- [PROMPT_INJECTION]: An indirect prompt injection surface is present due to the dynamic ingestion of remote content. * Ingestion points: Documentation is fetched from
<base_url>/docs/md/referenceand<base_url>/docs/md/guideand read by the agent. * Boundary markers: The skill does not implement specific delimiters or 'ignore' instructions when processing the fetched markdown, which could allow embedded malicious instructions to influence the agent. * Capability inventory: The skill has the capability to perform authenticated network requests and read local configuration files. * Sanitization: No validation or sanitization is performed on the fetched documentation content before the agent interprets it.
Audit Metadata