api-spec-to-service
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill employs `bash_tool` to run shell commands like `find`, `grep`, and `jq` for project discovery and pattern analysis within the local workspace.
- [DATA_EXFILTRATION]: The skill allows reading files from arbitrary paths provided by the user via the `view` tool. While intended for reading API specifications, this capability could be abused to expose sensitive local files (e.g., credentials or configuration) to the agent's context if a malicious path is supplied.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its core functionality of generating executable code from external data.
  - Ingestion points: The skill reads Markdown, JSON, or YAML API specifications provided by the user in SKILL.md Step 1.
  - Boundary markers: There are no identified delimiters or instructions to the agent to treat the content of the API specification as untrusted data during the code generation process.
  - Capability inventory: The skill has extensive file-writing capabilities via `create_file` and system analysis capabilities via `bash_tool` across multiple steps.
  - Sanitization: The logic does not perform sanitization or validation of the input data extracted from the specification before injecting it into C# class templates in Steps 6, 7, and 8.
Audit Metadata