huly-api
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external, untrusted data into the agent's execution context.
- Ingestion points: The skill retrieves recent chat history from Huly channels using the
list-channel-messagesoperation inscripts/huly-api.py. - Boundary markers: The instructions do not define boundary markers or delimiters to isolate retrieved chat content from the agent's instructions, nor do they include warnings to ignore embedded commands.
- Capability inventory: The skill has broad write permissions on the Huly platform, including the ability to create and modify issues, documents, and chat messages.
- Sanitization: The
huly-api.pyscript performs basic whitespace and newline normalization but does not include sanitization or validation logic to filter out potential injection patterns in retrieved content.
Audit Metadata