modal
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches up-to-date documentation and API references from official sources at
modal.comand GitHub. These resources are well-known repositories for the platform and are used to ground the agent's knowledge in the latest features. - [COMMAND_EXECUTION]: Uses the
modalCLI to perform operations such as checking the SDK version, querying the changelog, and accessing help documentation. These are standard interactions for the platform's functionality. - [PROMPT_INJECTION]: The skill provides an ingestion surface for indirect prompt injection by instructing the agent to read external documentation into its context.
- Ingestion points: External documentation fetched from
modal.com/llms.txt(referenced inSKILL.md). - Boundary markers: No specific delimiters or "ignore" instructions are provided for the fetched content.
- Capability inventory: The skill utilizes the
modalCLI for environment management and task execution (SKILL.md). - Sanitization: No validation or sanitization is performed on the retrieved documentation text before processing.
Audit Metadata