tools-and-context

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: CRITICAL
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The documentation recommends the installation of @tambo-ai/react and @modelcontextprotocol/sdk. These appear to be official SDKs for the Tambo platform and the standard Model Context Protocol.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill enables the AI agent to process data from external sources and user-provided files.
    • Ingestion points: Data enters the agent via fetchUser, fetchDoc, fetchDocs, and the useTamboContextAttachment hook, which processes local files.
    • Boundary markers: The provided examples do not demonstrate the use of delimiters or specific instructions to the LLM to ignore embedded commands in the context data.
    • Capability inventory: Tools are used for data retrieval; the code examples do not include subprocess execution or sensitive file system modifications.
    • Sanitization: The implementation uses zod for input and output schema validation, which provides structural integrity but does not sanitize against semantic instructions embedded within valid string fields.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
CRITICAL
Analyzed
Feb 17, 2026, 05:16 PM