openserv-agent-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is authored by the platform vendor (openserv-labs) and utilizes official, scoped packages and trusted infrastructure. It follows security best practices by using environment variables for credentials and providing clear error handling in examples.
- [PROMPT_INJECTION]: The skill examples demonstrate the ingestion of untrusted data from user-defined tasks and its interpolation into prompts for LLM processing. This represents a potential surface for indirect prompt injection, which is handled as a standard risk factor for agentic systems.
  - Ingestion points: The 'run' function in examples such as 'examples/capability-example.ts' accepts data through 'args' (e.g., 'args.text').
  - Boundary markers: Examples use direct string interpolation without specific delimiters or guardrails to prevent command injection within the data.
  - Capability inventory: Templates provide access to methods for generating LLM content, creating tasks, and managing files.
  - Sanitization: No explicit data sanitization or instruction-guarding is implemented in the template code, as is common for educational SDK examples. Developers are encouraged to implement these measures for production use.
Audit Metadata