Skills
skills/qverisai/qverisbot/bluebubbles/Gen Agent Trust Hub

bluebubbles

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The sendAttachment action takes a path parameter that allows the agent to read local files and transmit them externally. This capability can be abused to exfiltrate sensitive data.- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface as it lacks input validation for the file path parameter. This allows an attacker to potentially read and send sensitive files like SSH keys or environment variables.
  • Ingestion points: User-provided input for the path argument in the sendAttachment tool.
  • Boundary markers: No delimiters are present to differentiate untrusted data from the command context.
  • Capability inventory: The skill facilitates both local file access and data transmission over a network gateway.
  • Sanitization: No directory whitelisting or path sanitization is implemented.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 6, 2026, 01:23 AM