skills/iii-hq/iii/iii-core-primitives/Gen Agent Trust Hub

iii-core-primitives

Pass

Audited by Gen Agent Trust Hub on Jun 25, 2026

Risk Level: SAFE
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The documentation describes adding workers from workers.iii.dev and OCI registries. These are official distribution channels for the iii framework and represent standard extension mechanisms.
  • [COMMAND_EXECUTION]: The worker manifest examples (iii.worker.yaml) include scripts for installation and execution, such as pip install and python start. These are intended for local runtime configuration and follow standard development patterns.
  • [PROMPT_INJECTION]: While the skill facilitates processing external data via triggers (HTTP, events), which is a common surface for indirect prompt injection, it is the fundamental purpose of the framework and the examples demonstrate basic data validation techniques.
  • [SAFE]: The skill includes explicit security guidance, such as avoiding secrets in metadata and using environment variables for sensitive authentication fields in HTTP-invoked functions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 25, 2026, 11:50 AM
Security Audit — agent-trust-hub — iii-core-primitives