rstack-distribute
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches resource metadata from the vendor's platform at
https://*.resolved.shviacurlto populate distribution templates. This is consistent with the skill's purpose as a distribution helper for the resolved.sh ecosystem. - [COMMAND_EXECUTION]: Executes a local Python script in the preamble to parse and display metadata from a downloaded JSON file. The script is static and contained within the skill.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection because it ingests data from an external URL to generate repository files (such as
SKILL.mdandsmithery.yaml). This is evaluated as a low-risk surface. * Ingestion points:curlcommand inSKILL.mdpreamble. * Boundary markers: None present in the generated templates. * Capability inventory: Generating bash snippets for file creation and Git repository operations. * Sanitization: No explicit sanitization or filtering is performed on the fetched metadata before it is used in templates.
Audit Metadata