Skills
skills/shashwatgtm/optise-helix-aeo-skills/optise-helix-eu-trust-centre/Gen Agent Trust Hub

optise-helix-eu-trust-centre

Pass

Audited by Gen Agent Trust Hub on Apr 16, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains a surface for indirect prompt injection findings based on its operational design.
  • Ingestion points: In Step 4, the skill accepts and fetches content from a user-provided URL to perform a 'Trust Centre audit'.
  • Boundary markers: The skill does not define specific delimiters or instructions to the agent to ignore embedded commands within the fetched URL content.
  • Capability inventory: The skill uses web_fetch and web_search and can pass data to other skills like optise-helix-fitq-audit.
  • Sanitization: No explicit sanitization or filtering logic is provided for content retrieved from external sources.
  • [DATA_EXFILTRATION]: The skill uses web_fetch and web_search to access arbitrary external domains, which is a standard functional requirement for verifying facts and auditing pages but technically allows network requests to non-whitelisted destinations.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 16, 2026, 02:41 PM
Security Audit — agent-trust-hub — optise-helix-eu-trust-centre