omni-model-builder
Pass
Audited by Gen Agent Trust Hub on May 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill instructions utilize the
omniCLI for model builder tasks, which is the intended functionality. Commands such asomni models yaml-createandomni models merge-branchare used within a structured workflow that emphasizes branching and validation. - [SAFE]: The skill references vendor-managed URLs from
github.com/exploreomnianddocs.omni.cofor documentation and installation guidance. These references are documented neutrally as they originate from trusted vendor infrastructure. - [SAFE]: A potential indirect prompt injection surface exists where the skill ingests model metadata via
omni models yaml-getandomni models get-topic(SKILL.md). There are no specific boundary markers or sanitization routines for this data. However, the skill provides a capability inventory including model modification (omni models yaml-create) and query execution (omni query run) which are tempered by mandatory validation steps (omni models validate) and user confirmation requirements.
Audit Metadata