mthds-inputs
Pass
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: SAFE
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the `mthds-agent` CLI for version checking, schema extraction (`pipelex inputs pipe`), and pipeline execution (`pipelex run pipe`). This is essential for integrating with the MTHDS ecosystem.
- [REMOTE_CODE_EXECUTION]: The skill provides Python code templates using libraries like `reportlab`, `python-docx`, and `openpyxl` to generate synthetic PDF, Word, and Excel documents. These scripts are generated and executed locally at runtime to create test inputs.
- [EXTERNAL_DOWNLOADS]: The skill directs users to install the `mthds` NPM package (from the verified vendor `mthds-ai`) and standard Python libraries. It also references a public fallback document from `w3.org`, a well-known and trusted service.
- [DATA_EXFILTRATION]: The skill performs file and folder enumeration to locate and copy user-provided files into its workspace. While this involves reading local data, it is performed in response to explicit user input to populate pipeline parameters.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection.
  - Ingestion points: Reads content from user-provided `.txt` and `.md` files in `Step E: Build Content Objects`.
  - Boundary markers: None; the raw file content is interpolated directly into the `inputs.json` structure.
  - Capability inventory: Ability to execute shell commands via the `mthds-agent` CLI and perform file system writes.
  - Sanitization: No escaping or validation is performed on the text content read from external files.
Audit Metadata