deeplake-managed

Warn

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Documentation in SKILL.md advises running sudo apt-get install ffmpeg to satisfy the prerequisites for video ingestion. If an agent executes this command autonomously, it amounts to a privilege escalation attempt.
  • [EXTERNAL_DOWNLOADS]: The skill requires installing multiple third-party packages from PyPI and NPM (e.g., deeplake, pymupdf, sharp). It also facilitates downloading data from HuggingFace via the _huggingface parameter in the ingestion method.
  • [PROMPT_INJECTION]: The skill ingests untrusted external data, including local files (PDF, Video, Text) and HuggingFace datasets, creating a surface for indirect prompt injection where instructions embedded in the data could influence agent behavior.
  • Ingestion points: Ingestion of local file system paths and HuggingFace datasets through the client.ingest method as documented in SKILL.md and examples.md.
  • Boundary markers: No specific delimiters or boundary markers are described to isolate data from potential instructions during ingestion.
  • Capability inventory: The skill allows the agent to read/write files and execute shell commands via the Bash and Read tools specified in the frontmatter.
  • Sanitization: No evidence of content-level sanitization or validation is present in the provided documentation or format classes.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 26, 2026, 01:32 AM