opper-python-sdk

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is highly susceptible to Indirect Prompt Injection because its core purpose is to interpolate untrusted data into LLM prompts.
  • Ingestion points: External data enters the context through the input parameter in opper.call(), the content parameter in opper.knowledge.add(), and the query parameter in opper.knowledge.query().
  • Boundary markers: Absent. The code examples do not show the use of delimiters or system-level instructions to ignore embedded commands within the user-provided data.
  • Capability inventory: The skill can generate text that influences downstream agent logic and can write data to a persistent cloud-based knowledge base.
  • Sanitization: Absent. There is no evidence of input validation or escaping for the data processed by the LLM.
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill requires the installation of the opperai package via pip. As this is a third-party dependency not included in the trusted sources list, it represents a supply-chain risk if the package is compromised or if typosquatting occurs.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 10:54 AM