autumn-best-practices
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation recommends installing `autumn-js` and `autumn-py` from public registries. These are not from the trusted organization list. The severity is lowered to LOW as package installation is fundamental to the skill's primary purpose.
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection Surface. The skill facilitates ingesting untrusted data from the Autumn API (e.g., via the `check` and `products.list` methods) which influences billing and access logic. Evidence: (1) Ingestion points: Responses from `api.useautumn.com` processed in `SKILL.md` examples. (2) Boundary markers: Absent in provided snippets. (3) Capability inventory: Application access control and billing state management. (4) Sanitization: None mentioned in documentation examples.
Audit Metadata