sokosumi
Pass
Audited by Gen Agent Trust Hub on May 28, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's components are fetched from the vendor's official GitHub repository (github.com/masumi-network/sokosumi-cli) using the
skillsCLI tool as part of its installation process. - [COMMAND_EXECUTION]: The agent is instructed to execute the
sokosumiCLI to perform marketplace tasks like listing agents, hiring services, and monitoring job completion. - [PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection by processing data returned from external agents and jobs on the Sokosumi platform.
- Ingestion points: Marketplace job results, event logs, and file outputs retrieved through
sokosumi jobs getandsokosumi tasks getcommands (SKILL.md). - Boundary markers: There are no specified delimiters or security instructions to prevent the primary agent from inadvertently following commands embedded within the output returned by a hired agent.
- Capability inventory: The agent has the ability to execute shell commands via the
sokosumiCLI. - Sanitization: No explicit sanitization, filtering, or validation is mentioned for the data fetched from external sources before it is analyzed by the agent.
Audit Metadata