skills/tallpizza/dots-skill/dots/Gen Agent Trust Hub

dots

Pass

Audited by Gen Agent Trust Hub on Mar 27, 2026

Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash and curl to interact with the Dots HTTP API. This is the intended primary purpose of the skill for performing graph operations.
  • [DATA_EXPOSURE]: The skill manages an API key (sk_... format) stored in a local configuration file dots.json. It provides instructions to the agent to prompt the user for the key and store it securely, including a recommendation to add the file to .gitignore to prevent accidental commits.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data retrieved from the Dots API (e.g., node titles, properties, and graph snapshots). This data could potentially contain malicious instructions intended to influence the agent's behavior.
      • Ingestion points: API responses from GET /graph, GET /nodes/:id, and /query endpoints defined in SKILL.md.
      • Boundary markers: The instructions do not specify the use of delimiters or 'ignore embedded instructions' warnings when processing graph data.
      • Capability inventory: The agent can execute shell commands via curl and bash as defined in SKILL.md.
      • Sanitization: No explicit sanitization or validation of the graph content is mentioned before the agent processes it.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 27, 2026, 02:30 AM