Asta Library

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFE · EXTERNAL_DOWNLOADS · REMOTE_CODE_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill downloads and installs a CLI plugin from the author's official GitHub repository (github.com/allenai/asta-plugins.git) during the installation phase.
  • [REMOTE_CODE_EXECUTION]: The skill uses the uv package manager to install a tool directly from a remote Git repository, which executes code from that repository on the local system.
  • [EXTERNAL_DOWNLOADS]: The skill implements a workflow to download remote YAML index files using curl from URLs provided within asta:// formatted strings.
  • [PROMPT_INJECTION]: The skill processes untrusted data from remote YAML indexes, which could contain malicious metadata (summaries or names) intended to influence the agent's behavior or output when the documents are searched or retrieved (indirect prompt injection).
      • Ingestion points: Remote index.yaml files downloaded from arbitrary URLs.
      • Boundary markers: None; the agent is instructed to parse and use the YAML content directly.
      • Capability inventory: The skill can execute shell commands via the asta CLI, read arbitrary files, and write to the .asta/ directory.
      • Sanitization: The skill instructions do not specify validation or sanitization of the downloaded YAML content before processing.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 8, 2026, 12:03 AM