tulip-api
Warn
Audited by Gen Agent Trust Hub on Mar 29, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The package.json file includes a build script that attempts to execute ./scripts/build.sh. This script is missing from the provided skill files, preventing verification of the commands executed during the build process.
- [EXTERNAL_DOWNLOADS]: Documentation in references/resources/ai-assistant.mdx suggests using third-party community tools (openskills, skillkit) to install the skill from a remote GitHub repository (github.com/mytulip/tulip-api-skills). While the repository is a vendor resource, the reliance on unverified tools for installation introduces potential supply chain risk.
- [PROMPT_INJECTION]: The skill is designed to ingest and process documentation from the references/ directory, creating a surface for indirect prompt injection if malicious content were introduced into these files.
  - Ingestion points: Documentation files within the references/ subdirectory.
  - Boundary markers: Absent; the skill does not use specific delimiters to isolate reference data from agent instructions.
  - Capability inventory: General agent capabilities, including shell execution and file system access.
  - Sanitization: Absent; no content validation or sanitization is specified for the ingested documentation.
Audit Metadata