privatelm-cross-platform-llm-client

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Tags: EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The ModelController.downloadModel method in SKILL.md implements functionality to download model files from remote URLs to the device's local storage. This is a standard feature for applications supporting local LLM inference.
  • [PROMPT_INJECTION]: The framework in SKILL.md (specifically ChatController and VisionService) creates an indirect prompt injection surface by interpolating user input and images into LLM chat templates.
  • Ingestion points: Untrusted user input enters the agent context through the sendMessage and processImageLocal methods in SKILL.md.
  • Boundary markers: Present; the AppConfig.chatTemplates class defines clear delimiters (e.g., ChatML, Llama3) to distinguish between system, user, and assistant roles.
  • Capability inventory: The skill involves network operations to cloud API providers, file writes for model storage, and persistent storage using Hive.
  • Sanitization: No explicit sanitization of user-provided prompt content is shown in the snippets, which is expected behavior for a client-side library framework.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 10:46 AM