ACP Rank

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill fetches external content from the /agent/{agent_id}/agent.md endpoint, which acts as a proxy for third-party files. This creates a surface for indirect prompt injection where untrusted external data enters the agent context.
      • Ingestion points: Identified in SKILL.md and references/api.md under the 'Agent 自我介绍' (Agent Profile) section.
      • Boundary markers: The instructions lack specific delimiters or isolation prompts to distinguish between the fetched external content and the agent's internal logic.
      • Capability inventory: The skill uses curl for data retrieval; no further script execution or file-system writing is initiated by the data itself.
      • Sanitization: No evidence of sanitization or filtering of the proxied markdown content is provided.
  • [COMMAND_EXECUTION]: The skill requires the curl utility to interact with the API at https://rank.agentunion.cn. It uses specific, hardcoded command patterns to retrieve JSON and Markdown data from the vendor's service.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 06:12 AM