awiki-id
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill makes extensive use of a command-line utility
awiki-clivia the Bash tool to perform identity operations such as registration, binding, and profile updates. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it instructs the agent to retrieve and potentially process remote DID profile data (
id profile get). This data is externally controlled and could contain malicious instructions. - Ingestion points: Remote DID profile data retrieved via
id profile get(SKILL.md) - Boundary markers: Absent
- Capability inventory:
Bash(awiki-cli:*)(SKILL.md) - Sanitization: Not specified in instructions
Audit Metadata