Skills
skills/udecode/plate/proof/Gen Agent Trust Hub

proof

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill uses the WebFetch and Bash tools to communicate with the official vendor domain 'proofeditor.ai'. This is required for the document synchronization and collaboration features described.
  • [COMMAND_EXECUTION]: The skill uses Bash to execute 'curl' and 'jq' commands. These commands are used to interact with the Proof API to send and receive document content and metadata.
  • [PROMPT_INJECTION]: The skill reads document content from the Proof API, which could potentially contain embedded instructions.
  • Ingestion points: Markdown content is ingested from 'https://www.proofeditor.ai/api/agent/{slug}/state'.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are used when processing document content.
  • Capability inventory: The skill utilizes Bash, Read, Write, and WebFetch tools.
  • Sanitization: No specific sanitization of document content is performed before processing, though this is expected for a text-editing utility.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 06:10 AM