catalystone
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions and metadata describe legitimate integration workflows with CatalystOne via Apideck's HRIS API.
- [DATA_EXFILTRATION]: The skill correctly demonstrates using environment variables (APIDECK_API_KEY, APIDECK_APP_ID) to handle credentials rather than hardcoding secrets. Network operations are directed to the official Apideck API (unify.apideck.com) and CatalystOne domains, which are recognized as well-known service providers.
- [EXTERNAL_DOWNLOADS]: The skill references the official @apideck/unify package for Node.js. This is a standard dependency for the vendor's service.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists because the skill processes data from external HRIS records (employees, time-off requests).
  - Ingestion points: Data retrieved from the apideck.hris.employees.list endpoint and the Proxy API.
  - Boundary markers: No explicit delimiter markers or 'ignore' instructions are provided in the example prompts.
  - Capability inventory: The skill utilizes network request capabilities to communicate with Apideck and CatalystOne.
  - Sanitization: No explicit sanitization of returned API data is shown in the provided examples.
Audit Metadata