uapi-get-network-pingmyip
Pass
Audited by Gen Agent Trust Hub on Jul 9, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface as it processes responses from an external API service. Ingestion points: API responses from
uapis.cnas described inreferences/operations/get-network-pingmyip.md. Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions embedded in the API output. Capability inventory: The agent maintains standard tool-use capabilities to act upon the data returned from the API. Sanitization: The skill does not define validation or sanitization logic for the remote service's output. - [SAFE]: All external network requests are directed to the legitimate
uapis.cndomain for the intended diagnostic purpose. - [SAFE]: Credential handling follows security best practices by instructing users to obtain and use their own UAPI Keys through the official website rather than providing hardcoded secrets within the skill.
Audit Metadata