generate-synthetic-dataset

Pass

Audited by Gen Agent Trust Hub on Apr 23, 2026

Risk Level: SAFE
COMMAND_EXECUTION · DATA_EXFILTRATION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute curl commands for interacting with the orq.ai HTTP API. This is primarily used for bulk dataset operations that exceed MCP tool limits.
  • [DATA_EXFILTRATION]: The skill performs network operations via curl and WebFetch targeting the api.orq.ai domain. These operations are used to fetch and update dataset content on the vendor's platform and are considered legitimate vendor-related activities.
  • [PROMPT_INJECTION]: The skill is designed to ingest and curate data from existing datasets, creating an indirect prompt injection surface.
      • Ingestion points: Dataset content is retrieved through the list_datapoints MCP tool and HTTP GET requests to the orq.ai API.
      • Boundary markers: The instructions do not specify technical delimiters for ingested data; however, the workflow includes explicit constraints requiring manual quality review of all generated or modified data.
      • Capability inventory: The skill has access to Bash (curl), Write, Edit, and specific dataset management tools (create_datapoints, update_datapoint, delete_datapoints).
      • Sanitization: No automated sanitization or filtering of external input data is mentioned; the skill relies instead on the user's manual review process.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 23, 2026, 11:20 AM