skills/alva-ai/skills/alva/Gen Agent Trust Hub

alva

Pass

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill manages its own environment by instructing the agent to install and update the @alva-ai/toolkit package via npm and provides a shell script for version checks. These operations are intended for the skill's primary function of interacting with the Alva platform.
  • [EXTERNAL_DOWNLOADS]: The scripts/version_check.sh script fetches release metadata from GitHub's official API to notify users of updates. This behavior is transparent and originates from a trusted repository associated with the author.
  • [COMMAND_EXECUTION]: Core functionality relies on the execution of JavaScript scripts in a sandboxed V8 environment to process financial data. This is the intended design for the platform's 'feeds' and 'playbooks'.
  • [PROMPT_INJECTION]: The skill processes external search data (e.g., from Twitter or News) to generate summaries. While this represents an indirect prompt injection surface, the prompts include strict grounding rules and citation requirements to mitigate risks.
  • Ingestion points: templates/ai-digest/template.md, templates/thesis/example/feeds/ai-bottleneck-news.js
  • Boundary markers: Uses structured JSON schemas and explicit instruction blocks (e.g., INPUT_MATCHES, CONTEXT_FACTS) to delimit external content.
  • Capability inventory: Limited to the alva CLI and the platform's sandboxed runtime.
  • Sanitization: Includes HTML escaping in dashboard templates to prevent XSS during visualization.
Audit Metadata
Risk Level
SAFE
Analyzed
May 20, 2026, 06:36 AM