create-project
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [DATA_EXFILTRATION]: The skill transmits project information to the official Karma API at gapapi.karmahq.xyz. This is the expected behavior for the project creation feature and communicates with the vendor's verified domain.
- [COMMAND_EXECUTION]: It provides a curl template that uses environment variables for authentication and endpoint configuration. The template is safe in principle, but the agent must ensure that user-provided strings within the JSON payload are properly escaped to prevent shell command injection.
- [PROMPT_INJECTION]: There is a potential for indirect prompt injection as the skill ingests and processes untrusted user data for on-chain registration.
  - Ingestion points: Fields such as title, description, and links are populated by user input.
  - Boundary markers: No delimiters or ignore instructions are used to wrap the user-provided data in the request.
  - Capability inventory: The skill utilizes network access via curl to interact with external API endpoints.
  - Sanitization: While the title length is restricted to 200 characters, no explicit sanitization or filtering is performed on the 5000-character description or link URLs.
Audit Metadata