iii-core-primitives
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: The documentation describes adding workers from
workers.iii.devand OCI registries. These are official distribution channels for the iii framework and represent standard extension mechanisms. - [COMMAND_EXECUTION]: The worker manifest examples (
iii.worker.yaml) include scripts for installation and execution, such aspip installandpython start. These are intended for local runtime configuration and follow standard development patterns. - [PROMPT_INJECTION]: While the skill facilitates processing external data via triggers (HTTP, events), which is a common surface for indirect prompt injection, it is the fundamental purpose of the framework and the examples demonstrate basic data validation techniques.
- [SAFE]: The skill includes explicit security guidance, such as avoiding secrets in metadata and using environment variables for sensitive authentication fields in HTTP-invoked functions.
Audit Metadata