openrouter-generations

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
Full Analysis
  • [DATA_EXPOSURE]: The skill makes network requests to openrouter.ai (an official domain of a well-known service) to retrieve metadata and content for specific generation IDs. This behavior is consistent with the skill's stated purpose.
  • [CREDENTIALS_UNSAFE]: The skill requires an OpenRouter API key but does not include any hardcoded secrets. It correctly utilizes environment variables (OPENROUTER_API_KEY) or explicit command-line flags for credential management.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes a potential attack surface by retrieving and displaying raw prompt and completion content from an external API.
  • Ingestion points: Data is ingested in get-generation-content.ts via the /api/v1/generation/content endpoint.
  • Boundary markers: Output is separated by clear visual markers such as === INPUT === and === OUTPUT ===.
  • Capability inventory: The skill's scripts are restricted to network communication with OpenRouter; they do not perform file system writes or execute shell commands based on the retrieved data.
  • Sanitization: The skill prints retrieved content directly to the console without sanitization, which is expected for a debugging and inspection tool.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:41 AM
Security Audit — agent-trust-hub — openrouter-generations