Skills
skills/openant-ai/openant-skills/send-message/Gen Agent Trust Hub

send-message

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes various commands using the @openant-ai/cli tool to interact with the messaging and notification systems.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to download and run the @openant-ai/cli package. This is a vendor-provided resource belonging to the skill author 'openant-ai' and represents standard integration with the platform's infrastructure.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection as it processes incoming messages and notifications from other users.
  • Ingestion points: The agent reads external content via npx @openant-ai/cli@latest messages read and npx @openant-ai/cli@latest notifications list as defined in SKILL.md.
  • Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard potential instructions embedded within the retrieved messages.
  • Capability inventory: The skill allows the agent to send replies, check status, and manage notifications.
  • Sanitization: The skill does not implement specific sanitization or validation logic for the content retrieved from external users.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 11:24 AM