docyrus-tenant-brand-management

Pass

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the docyrus CLI to perform administrative tasks on brand records. Commands such as docyrus account brands create, update, and delete are used to manage tenant-scoped data. This execution is limited to the vendor's own platform tooling and is necessary for the skill's functionality.
  • [EXTERNAL_DOWNLOADS]: The fetch-from-website command enables the agent to scrape content from a brand's website to automatically populate identity fields. This involves retrieving data from user-provided external URLs.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its data ingestion features.
  • Ingestion points: Data is ingested from external websites via fetch-from-website and from existing brand records via get and list commands as documented in SKILL.md.
  • Boundary markers: No specific delimiters or instructions to ignore embedded commands are applied to the data retrieved from the CLI or scraped from websites.
  • Capability inventory: The agent can execute docyrus CLI commands to modify tenant brand records, which could be influenced if the ingested data contains malicious instructions.
  • Sanitization: The skill documentation does not specify validation or sanitization of ingested content (such as brand voice guidelines or scraped text) before it is processed.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 24, 2026, 07:23 PM
Security Audit — agent-trust-hub — docyrus-tenant-brand-management