Skills
skills/maravilla-labs/maravilla-cli/maravilla-realtime/Gen Agent Trust Hub

maravilla-realtime

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious behavior, such as credential harvesting, command execution, or exfiltration to unauthorized domains, was identified in the documentation or code samples.
  • [EXTERNAL_DOWNLOADS]: The skill references the official @maravilla-labs/platform package and documentation hosted on maravilla.cloud, which are authorized resources owned by the skill's author.
  • [PROMPT_INJECTION]: The documented implementation patterns describe a surface for Indirect Prompt Injection.
  • Ingestion points: Data entering the agent context via RenClient.on and RealtimeClient.subscribe callbacks (SKILL.md).
  • Boundary markers: Examples do not demonstrate the use of delimiters or 'ignore' instructions to isolate incoming event data.
  • Capability inventory: The documented environment includes capabilities for KV storage manipulation and file management.
  • Sanitization: Implementation patterns in the documentation do not include input validation or sanitization of event payloads.
Audit Metadata
Risk Level
SAFE
Analyzed
May 5, 2026, 11:30 AM