cloudbase-agent-ts

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION]: The skill is designed to process external, untrusted data via the AG-UI protocol, creating a surface for indirect prompt injection attacks.
  • Ingestion points: Untrusted data enters the agent context through the messages and tools fields in the RunAgentInput interface (as seen in agui-protocol.md).
  • Boundary markers: The provided code examples (e.g., the chatNode implementation in adapter-langgraph.md) interpolate user messages directly into the LLM invocation without using delimiters or instructions to ignore embedded commands.
  • Capability inventory: Agents built using this skill possess capabilities for network operations (communicating with LLM providers) and tool execution (both server-side and client-side as defined in agui-protocol.md).
  • Sanitization: The documentation and examples do not include input validation or sanitization routines for the message content before it reaches the AI model.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 03:49 AM