
model-id-lookup

Pass

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: SAFE (flags: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION)
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill fetches model definitions from https://models.dev/model-schema.json. This domain is not among the pre-approved trusted sources, and the downloaded data is used to overwrite a local file (references/model-schema.json).
  • COMMAND_EXECUTION (LOW): The skill instructions direct the agent to use the grep command for searching. While the intent is a local search, if user-provided keywords are concatenated directly into the shell command without sanitization, an attacker could achieve command injection (e.g., searching for `"; rm -rf /; #"`).
  • INDIRECT_PROMPT_INJECTION (LOW): The skill processes untrusted remote data which is then displayed to the agent.
      • Ingestion points: update_models.py (via urllib) and SKILL.md (via webfetch).
      • Boundary markers: None identified; external content is parsed directly as JSON.
      • Capability inventory: grep (shell execution), write (file system write), webfetch (network access).
      • Sanitization: No validation or sanitization of the string content within the JSON enum is performed before searching.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 20, 2026, 02:53 PM