paragon-skill

Pass

Audited by Gen Agent Trust Hub on Mar 4, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Recommends the installation of the @useparagon/connect package and references other standard libraries like Vercel's ai SDK from the NPM registry.
  • [COMMAND_EXECUTION]: Provides documented curl examples for interacting with Paragon's official API endpoints for ActionKit and Managed Sync services.
  • [PROMPT_INJECTION]: Identifies an indirect injection surface in the documented implementation pattern where agent tools are dynamically generated from API-provided JSON schemas.
  • [INGESTION_POINTS]: Tool definitions are retrieved from https://actionkit.useparagon.com at runtime in the references/actionkit.md example.
  • [BOUNDARY_MARKERS]: None provided in the reference implementation code.
  • [CAPABILITY_INVENTORY]: Generated tools can perform write operations to third-party services (e.g., Salesforce, Slack) via the ActionKit RUN ACTION endpoint.
  • [SANITIZATION]: The example relies on the integrity of the vendor's API response for tool schema validation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 4, 2026, 04:07 PM