lxmf-protocol
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- Indirect Prompt Injection (LOW): Surface for indirect prompt injection through processed message content. Ingestion points:
message.contentandmessage.titleinSKILL.mdandreferences/examples.md. Boundary markers: Absent in code examples. Capability inventory: No high-risk capabilities like arbitrary command execution or system-level modification were found in the provided scripts. Sanitization: Incoming message content is not sanitized in the provided examples. - Unverifiable Dependencies & Remote Code Execution (LOW): The skill suggests installing
rnsandlxmfpackages via pip. While these are the official and expected libraries for the protocol described, the author does not belong to the predefined list of trusted organizations.
Audit Metadata