Skills
skills/mz038197/vanscoding-skills/add-line-channel/Gen Agent Trust Hub

add-line-channel

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Provides instructions to install the official cloudflared utility via the Windows Package Manager (winget) to facilitate public access to the local webhook server.
  • [COMMAND_EXECUTION]: Utilizes shell commands to install Python dependencies (pip install aiohttp) and configure/run Cloudflare Tunnels (cloudflared tunnel).
  • [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection as the skill processes incoming text messages from the LINE platform and forwards them to the agent's message bus.
  • Ingestion points: The _handle_webhook and _process_event methods in nanobot/channels/line.py ingest raw text from external LINE users.
  • Boundary markers: No explicit delimiter or "ignore instructions" wrapping is specified in the provided implementation snippets.
  • Capability inventory: Incoming messages are routed to the AgentLoop, which possesses the capability to interpret and act upon natural language input.
  • Sanitization: The implementation correctly verifies request signatures using HMAC-SHA256 to ensure authenticity, though it does not perform content-level sanitization of the message body prior to agent interpolation.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 29, 2026, 08:52 AM