uapi-get-avatar-gravatar

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill performs network GET requests to the external domain https://uapis.cn, which is not a recognized whitelisted service. It transmits user PII, such as email addresses or their MD5 hashes, as query parameters to this service to retrieve avatar images.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface due to the processing of untrusted user input that is interpolated into external API requests.
  • Ingestion points: The email and hash query parameters defined in references/operations/get-avatar-gravatar.md are directly populated by user input.
  • Boundary markers: There are no explicit delimiters or instructions to the agent to treat the user-supplied parameters as data rather than instructions.
  • Capability inventory: The skill possesses the capability to perform network operations to fetch binary data from a remote server based on user input.
  • Sanitization: The documentation does not specify any validation, filtering, or sanitization processes for the email or hash inputs before they are utilized in the network request.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 06:42 AM
Security Audit — agent-trust-hub — uapi-get-avatar-gravatar