portkey-typescript-sdk

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
Categories: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [External Downloads] (MEDIUM): The skill recommends installing the portkey-ai package via npm, yarn, or pnpm. The publishing organization is not listed as a trusted external source (e.g., Anthropic, OpenAI, Microsoft), and the package source is not automatically verifiable within this context.
  • [Indirect Prompt Injection] (LOW): The skill establishes a pattern for processing user-supplied data in LLM chat completions.
      • Ingestion points: SKILL.md code snippet utilizing the messages array.
      • Boundary markers: None present; the code directly interpolates content into the message object.
      • Capability inventory: The SDK facilitates network requests and data transmission to external LLM providers.
      • Sanitization: No sanitization or validation logic is provided for the input strings.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Feb 17, 2026, 06:15 PM