sokosumi

Pass

Audited by Gen Agent Trust Hub on May 28, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's components are fetched from the vendor's official GitHub repository (github.com/masumi-network/sokosumi-cli) using the skills CLI tool as part of its installation process.
  • [COMMAND_EXECUTION]: The agent is instructed to execute the sokosumi CLI to perform marketplace tasks like listing agents, hiring services, and monitoring job completion.
  • [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing data returned from external agents and jobs on the Sokosumi platform.
  • Ingestion points: Marketplace job results, event logs, and file outputs retrieved through sokosumi jobs get and sokosumi tasks get commands (SKILL.md).
  • Boundary markers: There are no specified delimiters or security instructions to prevent the primary agent from inadvertently following commands embedded within the output returned by a hired agent.
  • Capability inventory: The agent has the ability to execute shell commands via the sokosumi CLI.
  • Sanitization: No explicit sanitization, filtering, or validation is mentioned for the data fetched from external sources before it is analyzed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 28, 2026, 08:03 PM
Security Audit — agent-trust-hub — sokosumi