obsidian
Pass
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, NO_CODE, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of the Bash tool to execute curl commands for interacting with the SkillBoss API (api.heybossai.com) and processing JSON output with jq.
- [EXTERNAL_DOWNLOADS]: The skill documentation includes examples of downloading generated content from URLs and fetching external data from the web and documents through various API models.
- [NO_CODE]: Several files (audio-models.md, chat-models.md, image-models.md, video-models.md) reference a script named run.mjs which is not included in the skill package. This suggests the documentation may be inherited from a larger project or requires external setup.
- [PROMPT_INJECTION]: The skill interfaces with services that fetch untrusted external content (e.g., linkup/fetch, reducto/parse), creating a surface for indirect prompt injection.
  - Ingestion points: Fetches data from external URLs and documents (SKILL.md, search-models.md, tools-models.md).
  - Boundary markers: None identified in the provided documentation.
  - Capability inventory: Uses Bash and Read tools (SKILL.md).
  - Sanitization: No sanitization or content validation is explicitly described in the skill instructions.
Audit Metadata