workos-authkit-base

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill defines an external README as the 'source of truth' for implementation, exposing the agent to instructions from untrusted external data.
      • Ingestion points: External README fetched via WebFetch (SKILL.md).
      • Boundary markers: Absent; the agent is instructed to follow README patterns explicitly.
      • Capability inventory: Subprocess execution (npm install, build) and file system modification.
      • Sanitization: Absent; no validation is performed on the fetched instructions.
  • [External Downloads] (LOW): The skill dynamically fetches documentation from npmjs.com or GitHub to derive commands, which is a potential risk if the target package name is manipulated or the source is compromised.
  • [Command Execution] (LOW): The skill guides the agent to perform package installations and build verifications based on logic derived from external, non-static sources.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:27 PM