leniu-redis-cache
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface.
- Ingestion points: Method parameters such as
userId,taskId, andapipaths documented inSKILL.mdare used as components for building dynamic Redis keys. - Boundary markers: The documentation lacks explicit input validation or the use of specific delimiters to prevent key manipulation or command injection within the Redis context.
- Capability inventory: The skill grants the agent the ability to perform Redis operations including data retrieval, insertion, pattern-based deletion, and acquiring distributed locks.
- Sanitization: Code examples demonstrate direct string concatenation (e.g., 'user:' + userId) and string formatting without showing input filtering or sanitization of Redis-specific control characters or wildcards.
Audit Metadata