draxarp
Pass
Audited by Gen Agent Trust Hub on Apr 13, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill's core functionality relies on executing the
orbitCLI (aliased asdx) to interact with the Draxarp platform. - [EXTERNAL_DOWNLOADS]: The skill retrieves project data, specifications, and documentation from a remote API (
/api/admin/v1/intelligence/*). - [DATA_EXFILTRATION]: The skill includes telemetry features via the
trackingcommand, which transmits workflow events and token usage data from a local database to the remote platform. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by ingesting and processing unstructured data from the Draxarp API and local JSON files.
- Ingestion points: Data enters the context via
orbit dx task context,orbit dx mem view,orbit dx spec view,orbit dx doc view, andorbit dx doc sync. - Boundary markers: The instructions do not employ delimiters or markers to isolate ingested content from the agent's instructions.
- Capability inventory: The agent has permission to execute varied CLI commands, providing a significant capability surface if malicious instructions are ingested.
- Sanitization: The skill lacks explicit sanitization or filtering logic for content retrieved from external sources.
Audit Metadata