uapi-get-misc-timestamp
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [DATA_EXPOSURE_AND_EXFILTRATION]: The skill performs network operations to the UAPI public API service at
https://uapis.cn/api/v1/misc/timestamp. This interaction is consistent with the skill's purpose of providing utility functions from its own platform.\n- [INDIRECT_PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it interpolates user-provided data into external API requests and processes the resulting output.\n - Ingestion points: The
tsquery parameter defined inreferences/operations/get-misc-timestamp.md.\n - Boundary markers: Absent; there are no specific delimiters to isolate the untrusted input or output from the agent's primary instructions.\n
- Capability inventory: The skill is capable of performing HTTP
GETrequests to external domains.\n - Sanitization: The documentation recommends verifying that the
tsparameter is a numeric string, providing a basic form of input validation.
Audit Metadata