context-hub

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill instructs the installation of the @aisuite/chub package globally via npm. This involves downloading and executing third-party code from a package registry.
  • [COMMAND_EXECUTION]: The instructions require the agent to interact with the system shell to check for existing installations and execute multiple chub CLI commands for searching, retrieving, and annotating content.
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection (Category 8) by fetching documentation that the agent is told to treat as an authority.
      • Ingestion points: Output from the chub get command is ingested into the agent's context (SKILL.md).
      • Boundary markers: No explicit delimiters are used to separate fetched content from instructions, nor are there warnings to the agent to ignore embedded instructions.
      • Capability inventory: The skill possesses command execution and package installation capabilities (SKILL.md).
      • Sanitization: The skill does not include steps to sanitize or validate the content retrieved from the external service before processing.
  • [DATA_EXFILTRATION]: The chub feedback command transmits feedback comments to an external service. Although the skill includes a warning against including sensitive information, this command represents a potential channel for data transmission.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 10:47 PM