cloudbase-agent-ts
Pass
Audited by Gen Agent Trust Hub on Feb 22, 2026
Risk Level: SAFE (flags: PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface identified.
  * Ingestion points: User messages are ingested via the RunAgentInput interface and HTTP headers (Authorization JWT), as seen in adapter-langchain.md and adapter-langgraph.md.
  * Boundary markers: Implementation examples do not demonstrate explicit delimiters or system instructions to ignore embedded commands.
  * Capability inventory: The system supports server-side tool execution and database persistence via CloudBaseSaver.
  * Sanitization: No explicit sanitization or validation of incoming message content is demonstrated in the provided code snippets.
- EXTERNAL_DOWNLOADS (LOW): The skill requires installation of multiple packages from the @cloudbase and @ag-ui scopes. While these organizations are not in the predefined 'Trusted' list, they are legitimate components of the Tencent CloudBase ecosystem.
- DATA_EXFILTRATION (SAFE): No patterns of unauthorized data access or exfiltration were detected. JWT decoding via atob is used for standard multi-tenant isolation and authentication purposes.
Audit Metadata