rozenite-agent

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes the npx rozenite CLI to perform session management and domain-specific calls against the target application.
  • [EXTERNAL_DOWNLOADS]: Running commands with npx can result in the download of the rozenite package from the npm registry if it is not already available in the environment.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection because it processes untrusted content from the application's runtime.
      • Ingestion points: Application data enters the agent's context through tools like getMessages, getResponseBody, and read-text-file.
      • Boundary markers: No specific delimiters or instructions are provided to help the agent distinguish between application data and legitimate instructions.
      • Capability inventory: The agent has the ability to execute shell commands, read files from the device, and modify application storage.
      • Sanitization: There is no evidence of data sanitization or validation for content retrieved from the application.
Audit Metadata
Risk Level: SAFE
Analyzed: May 7, 2026, 11:52 PM