provision-user
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected. The skill outlines a legitimate administrative workflow for user management within the OpenFunnel ecosystem.
- [DATA_EXPOSURE]: The skill handles API keys and user identifiers using appropriate placeholders (
{provider API key},{api_key}). It instructs the agent to use these within HTTP headers for authentication to an internal API endpoint and return the generated credentials to the requester, which is the primary purpose of the skill. - [PROMPT_INJECTION]: No attempts to override system behavior or bypass safety constraints were identified in the instructions or metadata.
- [COMMAND_EXECUTION]: No shell command execution or privileged operations were found.
- [EXTERNAL_DOWNLOADS]: No remote scripts or external dependencies are downloaded or executed. The described network operation targets a relative API path consistent with the vendor's service architecture.
- [DATA_EXFILTRATION]: No data exfiltration patterns were detected. User-provided information is used locally for string manipulation before being sent to the specified administrative endpoint.
Audit Metadata