Skills
skills/mindreset/dot_skill/dot-skill/Gen Agent Trust Hub

dot-skill

Pass

Audited by Gen Agent Trust Hub on Apr 30, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill implements standard API client functionality for Dot. devices without any detected malicious patterns or security vulnerabilities.
  • [COMMAND_EXECUTION]: Python scripts in the scripts/ folder perform authenticated HTTP requests to the official vendor domain (dot.mindreset.tech) to manage device state and display content.
  • [CREDENTIALS_UNSAFE]: The skill correctly instructs users to manage sensitive API keys via environment variables (DOT_API_KEY) or direct input, adhering to secure secret management practices.
  • [EXTERNAL_DOWNLOADS]: No external package dependencies or remote script execution patterns were found; all provided scripts utilize Python's standard library components like urllib and json.
  • [SAFE]: Indirect prompt injection risks are minimal, as the skill only processes structured data from the device API for display or status reporting purposes, with no execution of untrusted code or instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 30, 2026, 01:22 PM