NYC

ai-model-web

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOW (EXTERNAL_DOWNLOADS, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill relies on the @cloudbase/js-sdk npm package. While this is the official SDK for Tencent CloudBase, it originates from an external registry.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection as it processes arbitrary text input in the messages array.
      • Ingestion points: messages parameter in generateText and streamText methods in SKILL.md.
      • Boundary markers: None present in the provided code examples.
      • Capability inventory: Limited to network requests to the AI provider.
      • Sanitization: No input sanitization or escaping is demonstrated in the examples.
Audit Metadata
Risk Level: LOW
Analyzed: Feb 16, 2026, 11:58 PM