linkly-ai
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill README provides instructions to download and execute installation scripts for the 'linkly' CLI directly from the vendor's official update server (updater.linkly.ai). This includes shell scripts for Unix-like systems and PowerShell scripts for Windows environments.- [COMMAND_EXECUTION]: The agent is instructed to use the local terminal to execute
linklycommands for searching documents, retrieving structural outlines, and running system diagnostics via thelinkly doctorutility.- [PROMPT_INJECTION]: As the skill's primary function is to ingest and display content from external documents (PDF, Markdown, etc.), it presents an indirect prompt injection surface. To address this, the skill includes explicit safety guidelines directing the agent to treat all document content as untrusted data and to ignore any embedded instructions or commands found within them.
Audit Metadata