verify-submission

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill relies on npx to download and execute the @openant-ai/cli tool from the NPM registry during runtime. This tool is a vendor-owned resource provided by the skill author.
  • [PROMPT_INJECTION]: The skill processes external data from worker submissions, presenting a surface for indirect prompt injection.
      • Ingestion points: Worker-supplied text deliverables are retrieved via tasks get and files are fetched via files download.
      • Boundary markers: There are no specific delimiters used when interpolating submission data into tool calls.
      • Capability inventory: The skill has the capability to execute system commands via Bash.
      • Sanitization: The provided references/risk-warnings.md documentation includes explicit safety instructions for the agent to use read-only inspection methods and avoid executing any untrusted content.
  • [REMOTE_CODE_EXECUTION]: Reference documentation suggests installing additional capabilities from third-party repositories using managers such as skills.sh or ClawHub.
  • [COMMAND_EXECUTION]: The allowed-tools configuration uses wildcards for bash commands, allowing the agent to execute a variety of subcommands and arguments via the vendor CLI.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 04:14 PM