use-sapiom

Warn

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The tool 'sapiom_sandbox_exec' allows for the execution of arbitrary shell commands within persistent cloud sandboxes on the vendor's platform.
  • [REMOTE_CODE_EXECUTION]: The skill provides 'sapiom_run' and 'sapiom_job_deploy' tools to execute code snippets or scheduled tasks in multiple languages (Node.js, Python, Go, Rust) on remote infrastructure.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the web.
      • Ingestion points: 'sapiom_fetch', 'sapiom_scrape', 'sapiom_crawl', 'sapiom_search', and 'sapiom_deep_search' fetch content from external URLs.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the documentation.
      • Capability inventory: The skill has high-privilege capabilities including remote code execution, shell access, and message publishing.
      • Sanitization: There is no documentation of sanitization or filtering of ingested content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 3, 2026, 10:23 PM