climate-generator

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes OpenAPI specifications from remote URLs or local files to generate Go source code and markdown skill prompts. This introduces a surface for indirect prompt injection where malicious instructions embedded in the API documentation could influence the agent's behavior.
      - Ingestion points: External OpenAPI 3.x specifications fetched via URL or local path in the climate generate command.
      - Boundary markers: None identified. The skill instructions do not specify any delimiters or warnings to prevent the agent from obeying instructions found within the spec.
      - Capability inventory: The skill performs file system writes (--out-dir), binary compilation, and network requests (via the publish command and URL fetching).
      - Sanitization: No sanitization or validation of the OpenAPI spec content is mentioned prior to code generation.
  • [COMMAND_EXECUTION]: The skill relies on the climate CLI for its core functionality. The climate publish command supports passing a GitHub token using the --github-token flag, which is a potential security risk as command-line arguments can be exposed in process listings or shell history.
  • [REMOTE_CODE_EXECUTION]: The climate generate command dynamically generates Go source code based on the provided OpenAPI specification and then compiles it into an executable binary. This workflow involves executing a compiler on code that is constructed from untrusted external input.
  • [EXTERNAL_DOWNLOADS]: The skill involves downloading the climate utility via a Homebrew tap and fetching OpenAPI specification files from HTTP(S) URLs provided by the user.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 17, 2026, 12:43 PM