skills/vm0-ai/vm0-skills/jotform/Gen Agent Trust Hub

jotform

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash -c to wrap curl commands. This is implemented as a workaround for environment variable handling in piped command sequences.
  • [EXTERNAL_DOWNLOADS]: The skill makes network requests to official JotForm domains (api.jotform.com, eu-api.jotform.com, hipaa-api.jotform.com) to retrieve and manage form data.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from external form submissions.
      • Ingestion points: Form submissions, questions, and properties retrieved via GET requests in SKILL.md.
      • Boundary markers: Absent. Data retrieved from the API is piped to jq and then directly into the agent's context without delimiters.
      • Capability inventory: The skill utilizes curl for network operations and bash -c for command execution, providing a surface for further actions if the agent is manipulated.
      • Sanitization: No explicit sanitization or filtering is performed on the data retrieved from JotForm before it is presented to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 18, 2026, 07:15 AM