Skills
skills/orderlynetwork/orderly-skills/orderly-plugin-submit/Gen Agent Trust Hub

orderly-plugin-submit

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the orderly-devkit submit command to interact with the Orderly Marketplace API. This is the primary intended function of the skill and utilizes the vendor's own command-line interface tool.
  • [DATA_EXFILTRATION]: Transmits plugin metadata and documentation (such as README content and usage prompts) to the Marketplace API. This behavior is transparently documented as the skill's purpose and is triggered only upon explicit user confirmation.
  • [PROMPT_INJECTION]: The skill processes user-generated documentation content. To mitigate risks associated with indirect prompt injection or accidental misconfiguration, the skill implements multiple human-in-the-loop checkpoints, requiring the user to approve README generation, verify the drafted usagePrompt, and review a dry-run payload before the final submission.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 07:23 AM