pace-dashboard-configure
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill configures a tool that ingests data from untrusted external sources (e.g., RSS feeds, Reddit, Mastodon, arXiv) and applies LLM-powered transforms like summarization, filtering, and ranking. Malicious instructions embedded in these external content streams could attempt to influence the LLM's output.
- Ingestion points: External content adapters defined in
config.yaml(RSS, Reddit, GitHub, Mastodon, etc.). - Boundary markers: No specific delimiters or "ignore instructions" warnings are documented for the LLM transformation pipelines.
- Capability inventory: The skill primarily performs file writes for configuration and executes local dashboard management commands.
- Sanitization: No explicit sanitization or filtering of external content before LLM processing is mentioned.
- [EXTERNAL_DOWNLOADS]: Fetches the official
paceDocker image from the author's GitHub Container Registry (ghcr.io/av/pace:latest). It also references well-known technology services for data ingestion (e.g., GitHub API, npm registry, arXiv, Wikipedia). - [COMMAND_EXECUTION]: Executes local commands for the
paceCLI tool,docker,docker-compose, andbunfor dashboard management and validation. It also includes instructions for interacting with the local dashboard server viacurl.
Audit Metadata