openbb-app-builder

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • Indirect Prompt Injection (LOW): The skill identifies and processes untrusted data from user-provided code snippets (Streamlit, Gradio, Flask) in the 'Reference' mode.
  • Ingestion points: references/APP-INTERVIEW.md specifies analyzing code snippets, GitHub URLs, and uploaded files provided by users.
  • Boundary markers: Absent. No specific delimiters or instructions are provided to the agent to ignore instructions embedded within the analyzed reference code.
  • Capability inventory: The skill has the capability to write files (main.py, APP-SPEC.md), execute shell commands (uvicorn, pip install, validation scripts), and perform browser-based testing (references/APP-TESTER.md).
  • Sanitization: Absent. There is no mention of sanitizing or escaping the content extracted from reference examples before interpolation into the app specification or implementation plan.
  • External Downloads (LOW): The README.md and references/APP-PLANNER.md suggest installing third-party Python packages (fastapi, uvicorn, plotly, etc.) and using npx for installation. These are standard dependencies for the application type but originate from untrusted sources (PyPI/NPM) outside the defined trusted list.
  • Command Execution (SAFE): The skill instructs the agent to run development commands such as uvicorn and python scripts/validate_widgets.py. These are expected for a development tool and do not involve administrative privilege escalation.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:51 PM