chat-sdk
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFE
Full Analysis
- Handling of External Data (Indirect Prompt Injection): The skill is designed to process and respond to messages from external platforms, creating a potential surface for indirect prompt injection if data is processed by an AI model without sanitization.\n
- Ingestion points: Input enters via the
onNewMentionandonSubscribedMessagehandlers inSKILL.md.\n - Boundary markers: No specific delimiters or security guardrails are shown in the implementation examples for user-provided strings.\n
- Capability inventory: The skill possesses the capability to post messages to external APIs and interact with AI tools.\n
- Sanitization: Input sanitization is not demonstrated; developers are encouraged to validate and sanitize all external data before use.\n- Credential Handling: The skill demonstrates secure practices by using environment variables to manage sensitive API tokens and connection strings, which helps prevent accidental credential leaks.
Audit Metadata