airtable
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill is a well-documented integration for the official Airtable API (api.airtable.com), providing standard operations for managing bases, tables, and records.- [COMMAND_EXECUTION]: The skill utilizes standard command-line tools such as
curlandjqto perform network requests and parse JSON responses. These commands are localized to the Airtable API and do not exhibit signs of arbitrary or malicious execution.- [CREDENTIALS_UNSAFE]: Sensitive information is handled securely using thevm0_secretsconfiguration. TheAIRTABLE_TOKENis accessed via environment variables (printenv), avoiding hardcoded credentials in the skill's source.- [DATA_EXFILTRATION]: All network operations are pointed towards the legitimateapi.airtable.comendpoints. There are no secondary network calls or suspicious data forwarding mechanisms detected.- [SAFE]: The skill mentions the author's own domain (vm0.ai) for service connection, which is consistent with the vendor context and represents normal platform functionality.- [SAFE]: While the skill ingests external data from Airtable records and comments (Category 8 surface), the data is only used for display or as parameters for further API calls. There is no evidence of the agent executing untrusted data as instructions.
Audit Metadata