tooluniverse-custom-tool
Pass
Audited by Gen Agent Trust Hub on May 27, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill provides documentation and code templates for building custom tools. The examples are standard and educational, with no malicious patterns detected. It correctly instructs users to store API keys in environment variables via
.tooluniverse/.envfiles, which is a recommended practice for preventing hardcoded credentials. - [INDIRECT_PROMPT_INJECTION]: The instructions describe creating tools that ingest data from external REST APIs, which creates a potential surface for indirect prompt injection.
- Ingestion points: Tools ingest data from external API responses.
- Boundary markers: Structural validation is implemented via the return_schema field.
- Capability inventory: Tools are capable of making HTTP requests and performing local data processing.
- Sanitization: Structural validation is supported, but content-level sanitization for LLM inputs is not explicitly detailed.
Audit Metadata