twill-cloud-coding-agent

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [SAFE]: The skill directs network traffic to the vendor's official domain at twill.ai. These interactions are necessary for the skill's stated purpose of managing API workflows and do not constitute unauthorized data exfiltration.
  • [SAFE]: No hardcoded credentials or secrets were found. The skill correctly instructs the user to provide authentication via the TWILL_API_KEY environment variable.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests data from external API endpoints, which creates a potential surface for indirect prompt injection.
    • Ingestion points: Data retrieved from API responses, including repository lists, task metadata, and job logs as described in SKILL.md.
    • Boundary markers: Absent; there are no delimiters or specific instructions used to separate external data from internal agent prompts.
    • Capability inventory: Execution of curl commands to interact with the Twill API.
    • Sanitization: Absent; the skill does not include logic to filter or sanitize incoming data from the API responses.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 11:10 AM