Skills
skills/talesofai/neta-skills/request-character-or-style/Gen Agent Trust Hub

request-character-or-style

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes npm run neta to perform its primary function. This is standard behavior for invoking local Node.js tools and matches the skill's description.
  • [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection as it takes user-provided input from the --name and --uuid flags and interpolates them into a shell command. 1. Ingestion points: Parameters --name and --uuid defined in SKILL.md. 2. Boundary markers: Double quotes are used in documentation examples, but no specific sanitization instructions are provided for the agent. 3. Capability inventory: The skill has the capability to execute commands via the npm binary. 4. Sanitization: No explicit input validation or escaping mechanisms are described in the markdown file.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 04:24 AM