uapi-post-text-analyze

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill transmits user-provided text to the external domain uapis.cn. This behavior is the primary and documented purpose of the tool.
  • [PROMPT_INJECTION]: The skill processes arbitrary user text, which creates an attack surface for indirect prompt injection.
  • Ingestion points: The text parameter in the POST /text/analyze request body (references/operations/post-text-analyze.md).
  • Boundary markers: No specific delimiters are used to wrap the input text to prevent malicious instructions.
  • Capability inventory: The skill performs network POST operations to https://uapis.cn/api/v1/text/analyze.
  • Sanitization: No input validation or sanitization is mentioned in the documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 06:30 PM
Security Audit — agent-trust-hub — uapi-post-text-analyze