Skills
skills/billevansonline/ganesh-api-skill/ganesh/Gen Agent Trust Hub

ganesh

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFEPROMPT_INJECTIONNO_CODE
Full Analysis
  • [PROMPT_INJECTION]: The skill provides instructions to the agent to consult an external documentation source via a shortened URL (https://ishortn.ink/ganesh-official-api) which is described as changing frequently. This creates a risk of indirect prompt injection where the external content could be manipulated to execute unauthorized actions via the agent.\n
  • Ingestion points: The URL in SKILL.md serves as a dynamic input for the agent's logic.\n
  • Boundary markers: Absent; there are no instructions to treat the documentation content as untrusted data.\n
  • Capability inventory: The skill intends for the agent to perform network-based image uploads.\n
  • Sanitization: Absent; the agent is expected to adopt the endpoints and parameters found in the documentation without validation.\n- [NO_CODE]: The skill does not provide any scripts or code, consisting exclusively of Markdown documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 13, 2026, 07:30 AM
Security Audit — agent-trust-hub — ganesh