Skills
skills/coval-ai/coval-external-skills/manage-widgets/Gen Agent Trust Hub

manage-widgets

Pass

Audited by Gen Agent Trust Hub on Apr 9, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the 'coval' CLI tool to perform dashboard management operations such as listing, retrieving, updating, and deleting widgets. These operations are consistent with the skill's stated purpose and represent the intended use of the vendor's command-line interface.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes external data including dashboard IDs and widget configurations.
  • Ingestion points: Data is ingested through user-provided arguments and output from 'coval' CLI commands in 'SKILL.md'.
  • Boundary markers: No explicit boundary markers or delimiters are defined to separate untrusted data from instructions.
  • Capability inventory: The skill executes shell commands using the 'coval' CLI ('SKILL.md').
  • Sanitization: There is no explicit sanitization of input data within the instructions; the skill relies on the agent's underlying safety layers and the CLI's internal validation.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 9, 2026, 11:44 AM