Skills
skills/vibeindex/skills/rising/Gen Agent Trust Hub

rising

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION] (LOW): The skill performs network operations via WebFetch to vibeindex.ai. This domain is not among the trusted external sources. While the usage pattern suggests a data fetch (GET), network requests to unverified domains are flagged as a potential exfiltration vector.
  • [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected (Category 8).
  • Ingestion points: Data enters the agent context through the description and description_ko fields returned by the vibeindex.ai API.
  • Boundary markers: Absent. The skill does not use delimiters or instructions to treat the API response as untrusted data.
  • Capability inventory: WebFetch (network access).
  • Sanitization: Absent. The skill directly interpolates the external strings into the final markdown output provided to the user/agent.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references and fetches content from an external, non-whitelisted URL (vibeindex.ai).
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:24 PM