hugging-face-tool-builder
Pass
Audited by Gen Agent Trust Hub on Apr 26, 2026
Risk Level: SAFE
Full Analysis
- [DYNAMIC_EXECUTION]: The skill instructions direct the agent to generate and test scripts in Bash, Python, or TSX to automate Hugging Face API tasks. This is standard behavior for a tool-building skill.- [DATA_EXPOSURE_AND_EXFILTRATION]: The instructions recommend using the HF_TOKEN environment variable for authentication, which is a standard and safe practice for managing API secrets.- [INDIRECT_PROMPT_INJECTION]: The skill creates a surface for indirect prompt injection because the generated tools ingest untrusted data from the Hugging Face Hub (model/dataset cards).
- Ingestion points: Data retrieved from API endpoints and repository files (e.g., model cards) as described in SKILL.md.
- Boundary markers: None identified in the skill instructions.
- Capability inventory: The agent is authorized to execute generated scripts and use the hf CLI as specified in SKILL.md.
- Sanitization: No specific sanitization or validation logic is defined for processing the external data.
Audit Metadata