Skills
skills/ondata/skills/ipa/Gen Agent Trust Hub

ipa

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash and python3 to execute curl commands. This is the intended primary purpose of the skill to fetch data from the official IPA (indicepa.gov.it) APIs. No arbitrary or unsafe command execution was detected.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data from https://www.indicepa.gov.it and https://indicepa.gov.it/ipa-dati/. These are well-known official services managed by AgID (Agenzia per l'Italia Digitale). These references are safe and consistent with the skill's purpose.
  • [CREDENTIALS_UNSAFE]: The skill requires an environment variable IPA_auth_id. The instructions explicitly forbid the agent from displaying this value in outputs or logs, and it is used only as an authentication header for the official API. There are no hardcoded secrets or leaks.
  • [PROMPT_INJECTION]: No evidence of prompt injection or instructions to bypass safety guidelines. The instructions focus on structured data retrieval and user assistance.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 09:10 AM