Skills
skills/nmvr2600/tiny-llm-proxy/model-stats/Gen Agent Trust Hub

model-stats

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or prompt injection attempts were found in the skill metadata or script logic.
  • [DATA_EXFILTRATION]: The script transmits an API key to the gateway to authenticate the request. This is the intended functionality of the tool, and the destination URL can be customized by the user via environment variables or command-line flags.
  • [REMOTE_CODE_EXECUTION]: No remote code execution or external script downloads were detected. The skill relies on a local TypeScript script executed via the Bun runtime.
  • [PROMPT_INJECTION]: The skill processes data from an external API (the gateway). While this represents a surface for indirect prompt injection, the data is presented to the agent in structured table and JSON formats, and the agent does not perform any dangerous operations based on this data.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 02:11 AM