lmstudio-subagents

Pass

Audited by Gen Agent Trust Hub on Mar 6, 2026

Risk Level: SAFE
Flagged categories: COMMAND_EXECUTION, CREDENTIALS_UNSAFE, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands using curl and node to interact with the local LM Studio server. Evidence in SKILL.md: exec command:"curl ... http://127.0.0.1:1234/api/v1/models" and exec command:"node scripts/lmstudio-api.mjs ...".
  • [CREDENTIALS_UNSAFE]: A hardcoded authorization token is used for local API requests. Evidence: Authorization: Bearer lmstudio is used in both SKILL.md and scripts/lmstudio-api.mjs. Note: This is the default, non-sensitive credential for local LM Studio instances.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it interpolates untrusted user or document data into local model prompts without sanitization.
    ◦ Ingestion points: The <task> parameter in SKILL.md and the taskContent argument in scripts/lmstudio-api.mjs.
    ◦ Boundary markers: None identified; the task content is passed directly into a JSON payload field.
    ◦ Capability inventory: The skill has capabilities to execute local system commands and perform network operations on the local loopback interface.
    ◦ Sanitization: No specific sanitization or filtering of the injected content is performed before it is sent to the local model.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 6, 2026, 08:33 AM