
ringbot

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Findings: NO_CODE, PROMPT_INJECTION
Full Analysis
  • [NO_CODE]: The skill repository contains only documentation and metadata files. The core logic scripts agent.py and main.py are referenced as the primary execution points but are not included in the provided files for security verification.
  • [PROMPT_INJECTION]: The skill's API design is susceptible to indirect prompt injection. It accepts 'purpose' and 'context' strings to guide the AI voice agent's behavior during real-world phone calls.
  • Ingestion points: The purpose and context parameters in the POST /ringbot/call API endpoint.
  • Boundary markers: No delimiters or safety instructions are described to prevent the AI from following malicious commands embedded within the context or purpose strings.
  • Capability inventory: The skill can initiate outbound phone calls and conduct natural language conversations with external parties.
  • Sanitization: There is no evidence of input validation or sanitization for the data passed to the AI agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 01:37 AM