uapi-get-social-qq-userinfo

Pass

Audited by Gen Agent Trust Hub on Jul 9, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill is designed to communicate with an external API at uapis.cn. This is the central functionality of the skill provided by the author (AxT-Team).
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface area.
  • Ingestion points: The agent ingests data from the external API response via the /social/qq/userinfo endpoint, which includes user-controlled content such as nicknames and个性签名 (personal signatures) (found in references/operations/get-social-qq-userinfo.md).
  • Boundary markers: The instructions lack explicit delimiters or warnings to treat the returned social profile data as untrusted content.
  • Capability inventory: The skill enables network read operations; the presence of other capabilities (like file writing or code execution) would depend on the broader agent environment.
  • Sanitization: There are no instructions for the agent to sanitize, escape, or validate the content returned from the API before processing it as natural language.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 9, 2026, 06:42 AM
Security Audit — agent-trust-hub — uapi-get-social-qq-userinfo