live-cursors
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFE, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill contains extensive documentation and code examples for executing shell commands and managing long-lived processes within virtualized environments (agentOS). These capabilities are core intended features of the platform for building code interpreters and automated pipelines.
- [EXTERNAL_DOWNLOADS]: Instructions are provided to install framework-specific packages from NPM and add additional developer tools via the author's official registry (e.g., `npx skills add rivet-dev/skills`). These resources are part of the author's verified ecosystem and are documented neutrally as setup prerequisites.
- [PROMPT_INJECTION]: The skill describes architectural patterns for agents that ingest data from external sources like webhooks and chat platforms (e.g., in `reference/agent-os/webhooks.md`). This creates a surface for indirect prompt injection. The documentation acknowledges this risk by including security checklists that recommend implementing authorization, resource limits, and human-in-the-loop permissions.
Audit Metadata