rhino-sdk-write
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill follows secure coding practices by explicitly instructing the AI to use the
getpasslibrary for handling authentication credentials, preventing hardcoded passwords in generated scripts. - [SAFE]: It provides detailed validation rules for using the
rhino-healthSDK correctly, reducing the risk of accidental misconfiguration or interaction with unintended endpoints. - [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it processes untrusted user natural language to generate executable code. 1. Ingestion points: User descriptions in the prompt. 2. Boundary markers: None specified for delimiting user input from instructions. 3. Capability inventory: Generated scripts can perform network operations and data retrieval via the Rhino Health SDK. 4. Sanitization: No sanitization or escaping logic is requested for user input before interpolation into code constants. This is considered a low-risk surface inherent to the skill's primary purpose.
Audit Metadata