apiiro-risks

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the apiiro CLI tool to list, filter, and inspect security risks within a repository. This is the primary intended function of the skill and utilizes the vendor's own command-line interface.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and processes security findings, risk levels, and category descriptions from the Apiiro platform. If this external data contains adversarial instructions, it could potentially influence the agent's subsequent actions.
  • Ingestion points: Data enters the agent context through the output of the apiiro risks and apiiro risks get <risk-id> commands in SKILL.md.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the processing of the tool's output.
  • Capability inventory: The agent can execute shell commands using the apiiro CLI as shown in SKILL.md.
  • Sanitization: There is no evidence of sanitization or filtering applied to the data retrieved from the CLI before it is presented to the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 31, 2026, 12:11 PM