cekura-metric-design

Pass

Audited by Gen Agent Trust Hub on May 10, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious behaviors or security vulnerabilities were identified in the instruction or reference files.
  • [CREDENTIALS_UNSAFE]: The skill documents the use of API keys and OAuth for service authentication. No actual credentials are hardcoded in the skill files.
  • [EXTERNAL_DOWNLOADS]: Fetches data from and interacts with official vendor domains (api.cekura.ai, dashboard.cekura.ai), which are legitimate resources for the skill's intended functionality.
  • [REMOTE_CODE_EXECUTION]: Provides templates and examples for Python custom_code metrics to be executed on the Cekura platform. This is a legitimate feature for advanced metric logic and does not involve untrusted remote execution.
  • [PROMPT_INJECTION]: The skill processes untrusted call transcripts, establishing an indirect prompt injection surface.
    • Ingestion points: Untrusted data enters the agent context via the {{transcript}}, {{transcript_json}}, and {{dynamic_variables}} placeholders (as described in SKILL.md).
    • Boundary markers: Prompt patterns use clear delimiters such as '---------' and structural headers like 'INPUTS:' and 'SECTION:' (defined in prompt-patterns.md).
    • Capability inventory: The skill facilitates call evaluation through API requests and supports the execution of custom Python logic for scoring.
    • Sanitization: Guidelines in SKILL.md and prompt-patterns.md mandate the use of 'spirit vs letter' evaluation principles and require explicit pass/fail examples to prevent malicious content within transcripts from overriding evaluation logic.
Audit Metadata
Risk Level
SAFE
Analyzed
May 10, 2026, 08:06 PM
Security Audit — agent-trust-hub — cekura-metric-design