autogpt-agents

Pass

Audited by Gen Agent Trust Hub on Jun 29, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to clone the official AutoGPT repository from GitHub (Significant-Gravitas/AutoGPT). This is a widely recognized and reputable open-source project.
  • [COMMAND_EXECUTION]: The documentation includes standard setup and troubleshooting commands using docker compose, npm, and poetry. These are part of the intended development workflow for the platform and do not represent malicious privilege escalation.
  • [CREDENTIALS_UNSAFE]: The skill provides guidance on managing secrets through environment variables and a dedicated integration system. It correctly advises users to use .env files for local configuration, which is a security best practice.
  • [PROMPT_INJECTION]: As an agent-building platform, the tool naturally handles external data from webhooks and APIs. While this creates a surface for indirect prompt injection, it is a fundamental capability of the platform and is documented transparently.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 29, 2026, 12:55 AM
Security Audit — agent-trust-hub — autogpt-agents