cve-lookup
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [Data Exposure & Exfiltration] (LOW): The skill performs network requests to
www.opencve.io. While this domain is not on the predefined whitelist, the operations are restricted to fetching public vulnerability data and are consistent with the skill's primary purpose. No sensitive local environment data or credentials are exfiltrated. - [Indirect Prompt Injection] (LOW): The skill ingests untrusted data from an external API which is then formatted and presented to the AI agent. This creates a potential vector where an attacker could influence the agent's behavior by embedding instructions within CVE descriptions.
- Ingestion points: API responses from
https://www.opencve.io/api/cveandhttps://www.opencve.io/api/cvesprocessed inscripts/utils.ts. - Boundary markers: Absent. The skill does not use delimiters or developer instructions to warn the agent about potentially malicious content in the CVE summary or description.
- Capability inventory: The provided scripts are limited to network GET requests and local console output; they do not contain file-write or system execution capabilities.
- Sanitization: No sanitization or filtering is applied to the
summary,description, orreferencesfields retrieved from the remote source.
Audit Metadata