chat-api-integration
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
- Indirect Prompt Injection (LOW): The skill describes a pattern where user input is passed to an AI agent that has access to sensitive tools.
- Ingestion points: REFERENCE.md describes a chat API accepting a 'message' string from users.
- Boundary markers: The documentation lacks examples of using delimiters or system instructions to ignore embedded commands in user input.
- Capability inventory: SKILL.md authorizes the use of powerful tools including 'Bash', 'Write', 'Read', 'Edit', and 'Glob'.
- Sanitization: No input validation or sanitization logic is presented in the reference implementation.
- No Code (SAFE): This skill contains no executable scripts, configuration files, or automated tasks; it is purely informational markdown.
Audit Metadata