Skills
skills/speakeasy-api/agent-skills/create-openapi-overlay/Gen Agent Trust Hub

create-openapi-overlay

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFENO_CODEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [NO_CODE] (SAFE): The skill consists solely of markdown documentation and YAML examples with no included executable code or scripts.
  • [COMMAND_EXECUTION] (SAFE): Mentions usage of the speakeasy CLI for comparing specifications, which is a legitimate and expected tool for this use case.
  • [PROMPT_INJECTION] (LOW): The skill handles untrusted data in the form of OpenAPI specs, creating a surface for indirect prompt injection. 1. Ingestion points: 'Target spec' defined in the Inputs table. 2. Boundary markers: No delimiters or ignore instructions are specified for the input data. 3. Capability inventory: No scripts or automated actions are included in the skill. 4. Sanitization: No input validation or sanitization of the OpenAPI specs is mentioned.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:22 PM