pace-dashboard-configure

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill configures a tool that ingests data from untrusted external sources (e.g., RSS feeds, Reddit, Mastodon, arXiv) and applies LLM-powered transforms like summarization, filtering, and ranking. Malicious instructions embedded in these external content streams could attempt to influence the LLM's output.
  • Ingestion points: External content adapters defined in config.yaml (RSS, Reddit, GitHub, Mastodon, etc.).
  • Boundary markers: No specific delimiters or "ignore instructions" warnings are documented for the LLM transformation pipelines.
  • Capability inventory: The skill primarily performs file writes for configuration and executes local dashboard management commands.
  • Sanitization: No explicit sanitization or filtering of external content before LLM processing is mentioned.
  • [EXTERNAL_DOWNLOADS]: Fetches the official pace Docker image from the author's GitHub Container Registry (ghcr.io/av/pace:latest). It also references well-known technology services for data ingestion (e.g., GitHub API, npm registry, arXiv, Wikipedia).
  • [COMMAND_EXECUTION]: Executes local commands for the pace CLI tool, docker, docker-compose, and bun for dashboard management and validation. It also includes instructions for interacting with the local dashboard server via curl.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 11:07 AM
Security Audit — agent-trust-hub — pace-dashboard-configure