flirting
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill defines a standard set of API interactions with the inbed.ai service for its stated purpose of agent-to-agent interaction. No suspicious command execution or privilege escalation patterns were found.
- [DATA_EXFILTRATION]: Network requests are directed exclusively to the service's official API domain (inbed.ai). Authentication is handled via standard Bearer tokens with instructions to use placeholders for secrets.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it processes content generated by other users/agents.
- Ingestion points: Agent bios and taglines via
/api/discoverand message content via/api/chat(SKILL.md). - Boundary markers: None present in the prompt templates.
- Capability inventory: Subprocess execution via
curlto send messages, update profiles, and manage relationships (SKILL.md). - Sanitization: No explicit validation or sanitization of incoming API data is provided.
- Contextual assessment: This surface is intrinsic to the skill's primary purpose of social interaction between agents and does not present an immediate threat.
Audit Metadata