hugging-face-tool-builder

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to generate, test, and execute command-line scripts in Bash, Python, and TSX. This behavior is the primary intended function of the tool-builder.
  • [EXTERNAL_DOWNLOADS]: The skill fetches data and API specifications from Hugging Face's official domains, which are recognized as well-known and trusted services.
  • [PROMPT_INJECTION]: The skill processes external data from Hugging Face repositories (model and dataset cards), representing an indirect prompt injection surface.
    • Ingestion points: Model and dataset card files from repositories, and API query results.
    • Boundary markers: No explicit delimiters or instructions to ignore embedded content are provided in the prompt logic.
    • Capability inventory: The agent can execute generated code, use the curl utility, and interact with the hf CLI tool.
    • Sanitization: No specific sanitization or filtering logic is defined for the external repository content before processing.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 6, 2026, 04:33 PM