openrouter
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious behavior or security risks were identified. The implementation is consistent with its stated purpose of providing an OpenRouter API client.
- [DATA_EXFILTRATION]: Network requests are restricted to the official OpenRouter API (openrouter.ai). No sensitive local data is transmitted to external sources beyond the intended API parameters.
- [CREDENTIALS_UNSAFE]: The skill correctly handles the OpenRouter API key by retrieving it from environment variables, adhering to security best practices and avoiding hardcoded secrets.
- [PROMPT_INJECTION]: The skill processes user prompts for transmission to AI models. While this involves handling untrusted input, the skill does not interpret or execute the resulting AI responses as code, maintaining a secure execution environment.
Audit Metadata