Skills
skills/plurigrid/asi/stellogen/Gen Agent Trust Hub

stellogen

Warn

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill metadata and installation section reference external codebases (engboris/stellogen, bmorphism/stellogen) that do not belong to trusted organizations. The use of opam pin to install directly from a git URL is an unverifiable dependency pattern.
  • REMOTE_CODE_EXECUTION (MEDIUM): The skill documentation includes commands for executing code via dune exec sgen -- file.sg. Because this executable is built from the untrusted remote source mentioned above, it constitutes a remote code execution risk.
  • INDIRECT PROMPT INJECTION (LOW): The skill is designed to process external logic files (.sg). While it is a domain-specific language for interaction nets, there is an inherent attack surface if the interpreter is used to process untrusted input without sanitization, though the current documentation focuses on academic and logic-agnostic use cases.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 16, 2026, 08:46 AM