sinch-fax-api
Pass
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill does not contain any malicious patterns, obfuscation, or unauthorized data access attempts.
- [EXTERNAL_DOWNLOADS]: References API documentation and SDK guides from Sinch's official developer domain (developers.sinch.com), which is the legitimate source for this vendor's resources.
- [CREDENTIALS_UNSAFE]: Demonstrates secure practices by instructing users to store project IDs and access tokens in environment variables rather than hardcoding them.
- [PROMPT_INJECTION]: Includes proactive security guidance regarding indirect prompt injection. It explicitly warns developers to treat inbound fax content (webhooks, metadata, URLs) as untrusted and to perform validation and sanitization before processing to prevent injection or unauthorized command execution in downstream applications.
Audit Metadata