Skills
NYC
skills/sanjay3290/ai-skills/manus/Gen Agent Trust Hub

manus

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill performs network operations to a non-whitelisted domain (api.manus.ai). This is the intended primary purpose of the skill to facilitate communication with the Manus AI service. No sensitive local files are accessed or exfiltrated during these operations.
  • PROMPT_INJECTION (LOW): This skill is vulnerable to Indirect Prompt Injection (Category 8) due to its core delegation workflow.
  • Ingestion points: The skill fetches text and file attachments via GET /v1/tasks/{task_id} in SKILL.md.
  • Boundary markers: Absent. There are no delimiters or instructions to the host agent to ignore embedded commands in the Manus output.
  • Capability inventory: The skill utilizes curl for network requests and jq for data processing.
  • Sanitization: Absent. Output from the external agent is parsed and returned to the caller without filtering or escaping.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 05:26 PM