dart-pub-dev-search
Pass
Audited by Gen Agent Trust Hub on Mar 13, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill provides a legitimate search interface for Dart packages. No hardcoded credentials, malicious scripts, or data exfiltration patterns were found.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface by fetching user-contributed package metadata from an external source (pub.dev).
- Ingestion points: search results (SKILL.md)
- Boundary markers: absent (SKILL.md)
- Capability inventory: search and status polling (SKILL.md)
- Sanitization: absent (SKILL.md)
Audit Metadata