bundle-social-uploads
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security threats or malicious patterns were detected. The skill consists of markdown documentation and instructions for interacting with the Bundle.social API.
- [CREDENTIALS_UNSAFE]: The skill correctly uses placeholders (e.g.,
<your-api-key>) for authentication headers and includes explicit instructions to the agent to never call the actual API, ensuring sensitive user credentials are not handled or exposed. - [COMMAND_EXECUTION]: The skill instructions focus on generating
curlcommand examples for the user rather than executing them. There is no evidence of the agent being instructed to run shell commands or scripts locally. - [DATA_EXFILTRATION]: No network exfiltration patterns were found. The base URL (api.bundle.social) is the official endpoint for the service the skill is designed to support.
Audit Metadata