apaas-attachment

Pass

Audited by Gen Agent Trust Hub on Jul 8, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill involves downloading content from external sources (aPaaS servers) which represents a potential surface for indirect prompt injection if the agent were to process the file content as instructions.
  • Ingestion points: The client.attachment.file.download and client.attachment.avatar.download methods fetch binary data from the API.
  • Boundary markers: No explicit boundary markers are defined for the downloaded content.
  • Capability inventory: The skill has the ability to read local files (fs.createReadStream) and delete remote files (client.attachment.file.delete).
  • Sanitization: The skill contains explicit safety instructions advising against printing binary payloads, raw file contents, or private metadata, which mitigates the risk of data leakage.
  • [COMMAND_EXECUTION]: The skill documentation includes code for local file system interaction (reading files via fs) and file deletion. These operations are consistent with the skill's primary purpose of managing attachments.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 8, 2026, 02:41 AM
Security Audit — agent-trust-hub — apaas-attachment