agent-channelbot
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No malicious code, obfuscation, or security violations were detected. The skill correctly implements its stated functionality for Channel Talk integration.\n- [EXTERNAL_DOWNLOADS]: The skill utilizes the
agent-messengerpackage from the npm registry to provide theagent-channelbotfunctionality. This is a legitimate dependency for the skill's operations and is assessed as safe within the context of the vendor's own resource.\n- [COMMAND_EXECUTION]: The skill uses theBashtool to executeagent-channelbotcommands. These operations are limited to the intended workspace management functions and follow the principle of least privilege.\n- [PROMPT_INJECTION]: The skill reads and processes external messages from Channel Talk, which constitutes a surface for indirect prompt injection. This is a common risk for communication tools but is not indicative of malicious intent in the skill itself.\n - Ingestion points: External data enters the agent's context through tools like
snapshot,chat list, andmessage listthat fetch content from Channel Talk.\n - Boundary markers: The skill does not explicitly define delimiters or specific instructions to help the agent distinguish between its system instructions and the content of the external messages.\n
- Capability inventory: The skill provides tools for sending messages, closing or deleting chats, and managing bot configurations.\n
- Sanitization: No explicit sanitization, filtering, or validation of the text content received from the API is described in the skill's logic.
Audit Metadata