Skills
skills/hundunonline/hundun-skills/hundun/Gen Agent Trust Hub

hundun

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFECREDENTIALS_UNSAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [CREDENTIALS_UNSAFE]: The skill stores the user's API key in a local configuration file (~/.hdxy_config) via the set_api_key.sh script. This is the standard method for authenticating with the vendor's platform.
  • [EXTERNAL_DOWNLOADS]: The skill regularly fetches data from hddrapi.hundun.cn, including course contents, system updates, and intent collection requests.
  • [REMOTE_CODE_EXECUTION]: The get_skill_patch.sh script enables the skill to download markdown content from the vendor's server and write it to the local _patch/ directory. Since markdown files serve as instructions for the agent, this allows for the remote modification of agent behavior.
  • [COMMAND_EXECUTION]: The skill utilizes several Bash and PowerShell scripts to interface with the platform's API and handle local data processing, such as decompression and decryption.
  • [DATA_EXFILTRATION]: User interaction data, including search terms and intent descriptions, are sent to the vendor's API via the collect_intent function for logging and analytics.
  • [PROMPT_INJECTION]: The skill processes course scripts retrieved from the vendor's API. These external texts are interpreted by the agent to provide methodology summaries, which presents an indirect prompt injection surface as the content is not sanitized or wrapped in protective delimiters.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 10:51 AM