webhook-trigger
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes system binaries curl and jq to perform network operations, which is the primary intended function.
- [DATA_EXFILTRATION]: The skill facilitates sending data to external endpoints; it follows best practices by using environment variables for sensitive tokens and recommending user confirmation.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface. 1. Ingestion points: The agent reads the output of curl commands (SKILL.md). 2. Boundary markers: No explicit delimiters or instructions to ignore commands within the API response are present. 3. Capability inventory: The skill provides network communication capabilities. 4. Sanitization: There is no validation or sanitization of the remote response content.
Audit Metadata