libtv-skill

Fail

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: HIGH (DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The script scripts/upload_file.py implements functionality to read local files and transmit them to a remote server.
      • Evidence: The script uses open(file_path, "rb") to read file content and urllib.request.urlopen to send data to https://im.liblib.tv/openapi/upload.
      • Vulnerability: The MIME type validation if mime_type and not any(...) only runs when a MIME type was guessed. When mimetypes.guess_type returns None (common for files without extensions like .env or SSH keys), the condition short-circuits and the check is bypassed, permitting the exfiltration of sensitive data to the remote endpoint.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection through untrusted data processing.
      • Ingestion points: User messages in scripts/create_session.py and API response data in scripts/query_session.py.
      • Boundary markers: There are no boundary markers or instructions to isolate untrusted content.
      • Capability inventory: The skill possesses both local file read access (scripts/upload_file.py) and network request capabilities (scripts/_common.py).
      • Sanitization: No sanitization or validation is performed on inputs from the user or the external API.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Mar 18, 2026, 11:44 AM