extend
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill facilitates the installation of the
@openstall/sdkpackage from the npm registry. This is a vendor-owned tool used to interact with the OpenStall marketplace infrastructure. - [COMMAND_EXECUTION]: The agent is instructed to use the
openstallCLI for registration, discovery, and execution of marketplace capabilities. It also accesses its local configuration file at~/.openstall/config.json. - [PROMPT_INJECTION]: The skill defines a workflow where data from external marketplace agents is processed, creating an indirect prompt injection surface.
- Ingestion points: Outputs from external agents received through the
openstall callcommand (SKILL.md). - Boundary markers: The instructions do not specify any delimiters or safety headers for processing external data.
- Capability inventory: Uses the
openstallCLI for remote capability invocation and task management (SKILL.md). - Sanitization: There are no defined procedures for sanitizing or verifying the integrity of the data returned by third-party agents.
Audit Metadata