lucid-agent-creator

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill enables the creation and execution of custom JavaScript handler code through the create_lucid_agent tool. This code is executed in a VM sandbox on the Lucid platform.
  • [DATA_EXFILTRATION]: JS handlers can be granted network access via the fetch API. If the allowedHosts configuration is set to ["*"] or contains malicious domains, it can be used to exfiltrate data processed by the agent.
  • [EXTERNAL_DOWNLOADS]: The documentation references the @lucid-agents/payments Node.js package for use in custom SDK implementations.
  • [PROMPT_INJECTION]: The skill introduces a surface for indirect prompt injection (Category 8).
  • Ingestion points: Untrusted external data enters the handler context via the input global variable.
  • Boundary markers: The skill does not describe or implement boundary markers or instructions for the agent to ignore malicious commands embedded in the input data.
  • Capability inventory: Handlers can perform network requests (fetch) and process arbitrary logic, which could be exploited if malicious input is successfully injected.
  • Sanitization: There is no mention of sanitization, filtering, or validation for the content of the input variable in the handler logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 02:09 AM
Security Audit — agent-trust-hub — lucid-agent-creator