pippit-one-stop-skill
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its integration with external API data. Ingestion points: Data is pulled into the agent context from the Pippit API via scripts/nest/get_thread.py and scripts/publish/list_videos.py. Boundary markers: The agent is instructed in SKILL.md to present API-originated questions to the user and await their confirmation before proceeding, establishing a procedural trust boundary. Capability inventory: The skill can execute file operations (upload/download) and perform social media task management through localized Python scripts. Sanitization: The skill relies on structured JSON parsing but does not implement additional sanitization for natural language content returned by the remote service.
Audit Metadata