uapi-get-game-minecraft-serverstatus
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it incorporates external data from the UAPI service into the agent context without explicit sanitization or delimiters.\n
- Ingestion points: Data enters the agent context via the API response from
https://uapis.cn/api/v1/game/minecraft/serverstatus(referenced inreferences/operations/get-game-minecraft-serverstatus.md).\n - Boundary markers: The instructions do not define delimiters or provide warnings to the agent to ignore instructions embedded in the server's MOTD or status response.\n
- Capability inventory: The agent is authorized to perform network requests to the vendor's API endpoint.\n
- Sanitization: The skill does not implement or require any validation or escaping of the external API response before it is used by the agent.
Audit Metadata