pidgin-share

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE | DATA_EXFILTRATION | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill is designed to read local files and upload them to the pidgin.sh API. While this is the intended purpose, it results in the transmission of user data to a remote service.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via its interactive 'response channel' feature, which instructs the agent to process external data.
      • Ingestion points: JSON output from the scripts/pidgin wait command.
      • Boundary markers: None. There are no instructions to differentiate between data and instructions in the external payload.
      • Capability inventory: The agent has shell access and file interaction capabilities.
      • Sanitization: No sanitization or validation of the remote payload is performed before the agent acts on it.
  • [COMMAND_EXECUTION]: The skill utilizes a Bash script to handle API interactions. The script uses curl for network requests and manages background tasks using temporary files in /tmp.
Audit Metadata
Risk Level: SAFE
Analyzed: May 16, 2026, 06:43 PM