data-specialist
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: CRITICAL
Tags: EXTERNAL_DOWNLOADS, SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The vLLM configuration guide (references/cursor_rules_vllm.md) recommends installing wheel packages directly from the 'vllm-project' GitHub organization. While this is common for specialized CUDA builds, the organization is not on the trusted list.
- [COMMAND_EXECUTION] (SAFE): Several files discuss agents with code execution capabilities (e.g., autogen, smolagents). The instructions correctly identify and warn against unsafe practices like using eval() on untrusted input.
- [DATA_EXFILTRATION] (SAFE): No exfiltration vectors were identified. External calls in examples are directed to legitimate telemetry endpoints (OpenLIT) or placeholders.
- [CREDENTIALS_UNSAFE] (SAFE): The skill follows security best practices by instructing users to load API keys from environment variables instead of hardcoding them.
- [INDIRECT_PROMPT_INJECTION] (LOW): The skill processes external data (customer support tickets, database query results) which creates a potential surface for indirect injection. This is mitigated by the skill's own strong recommendations for parameterized queries and strict boundary management.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata