docyrus-tenant-brand-management
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
docyrusCLI to perform administrative tasks on brand records. Commands such asdocyrus account brands create,update, anddeleteare used to manage tenant-scoped data. This execution is limited to the vendor's own platform tooling and is necessary for the skill's functionality. - [EXTERNAL_DOWNLOADS]: The
fetch-from-websitecommand enables the agent to scrape content from a brand's website to automatically populate identity fields. This involves retrieving data from user-provided external URLs. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through its data ingestion features.
- Ingestion points: Data is ingested from external websites via
fetch-from-websiteand from existing brand records viagetandlistcommands as documented inSKILL.md. - Boundary markers: No specific delimiters or instructions to ignore embedded commands are applied to the data retrieved from the CLI or scraped from websites.
- Capability inventory: The agent can execute
docyrusCLI commands to modify tenant brand records, which could be influenced if the ingested data contains malicious instructions. - Sanitization: The skill documentation does not specify validation or sanitization of ingested content (such as brand voice guidelines or scraped text) before it is processed.
Audit Metadata