hf-init

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE, NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The script files 'scripts/hf_config.py' and 'scripts/hf_init.py' contain relative path references rather than executable Python code, which would prevent the skill from functioning as described in a standard environment.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill collects project names and discovery tags from user-defined environment variables and uploads them to external HuggingFace dataset cards (README.md).
      • Ingestion points: Environment variables HUGGING_FACE_TAGS and HUGGING_FACE_PROJECT_NAME sourced from the .env file.
      • Boundary markers: No explicit markers or 'ignore' instructions are defined to isolate these metadata fields from the rest of the dataset card content.
      • Capability inventory: The skill utilizes network access to create or update repositories on the HuggingFace Hub via the referenced 'hf_init.py' script.
      • Sanitization: No sanitization or verification of the metadata content is performed prior to the upload to external services.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 8, 2026, 12:29 AM