Skills
skills/zhanghandong/makepad-skills/robius-event-action/Gen Agent Trust Hub

robius-event-action

Pass

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: LOWDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (LOW): The skill provides patterns for processing external content such as Markdown links and user text.
  • Ingestion points: MarkdownAction::LinkNavigated in references/moly-action-patterns.md and Event::TextInput in references/event-handling.md.
  • Boundary markers: Absent.
  • Capability inventory: The patterns include opening system URIs via the robius_open library.
  • Sanitization: No validation or sanitization logic is present in the reference code.
  • [DATA_EXFILTRATION] (LOW): The 'External Link Action Pattern' in references/moly-action-patterns.md demonstrates how to open system URIs using robius_open. This capability can be abused to exfiltrate data via URL query parameters or to conduct phishing attacks if the URL is sourced from untrusted external content like a malicious Markdown link.
Audit Metadata
Risk Level
LOW
Analyzed
Feb 16, 2026, 03:49 AM