uapi-get-game-minecraft-serverstatus

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external data from the UAPI service into the agent context without explicit sanitization or delimiters.\n
  • Ingestion points: Data enters the agent context via the API response from https://uapis.cn/api/v1/game/minecraft/serverstatus (referenced in references/operations/get-game-minecraft-serverstatus.md).\n
  • Boundary markers: The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded in the server's MOTD or status response.\n
  • Capability inventory: The agent is authorized to perform network requests to the vendor's API endpoint.\n
  • Sanitization: The skill does not implement or require any validation or escaping of the external API response before it is used by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 06:42 AM
Security Audit — agent-trust-hub — uapi-get-game-minecraft-serverstatus