curl
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to execute shell commands using the system 'curl' utility and local bash scripts located in 'scripts/curl/'.
- Evidence: Uses shell commands for status checks (e.g., 'command -v curl') and provides templates for executing network requests and script wrappers.
- [INDIRECT_PROMPT_INJECTION]: The skill processes data from external network sources, such as HTTP headers and SSL certificate fields, which could theoretically contain malicious instructions.
- Ingestion points: Output from 'curl' commands and diagnostic scripts is fed back into the agent context.
- Boundary markers: The skill suggests using a '-j' flag for JSON output, which provides structure, but no explicit prompt delimiters are shown in the provided markdown.
- Capability inventory: The skill has the ability to make network requests (read-only diagnostic) and execute local scripts.
- Sanitization: No explicit sanitization or filtering of the remote server output is defined in the instruction file.
Audit Metadata