lx-space
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: The analysis did not reveal any malicious patterns, obfuscation, or unauthorized data access. The skill operates within its defined scope of managing knowledge base metadata.
- [COMMAND_EXECUTION]: The skill relies on the 'lx' CLI for all operations. These commands (e.g., lx space list-spaces, lx team describe-team) are vendor-specific and used for intended administrative purposes.
- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface where it ingests data such as space IDs and team IDs from external sources like URLs or previous tool outputs. 1. Ingestion points: User-provided strings or IDs extracted from URLs in SKILL.md and references/space-team.md. 2. Boundary markers: Not specified in the current instructions. 3. Capability inventory: Subprocess execution of 'lx' CLI commands throughout the skill. 4. Sanitization: No explicit sanitization or validation of input identifiers is described in the prompt logic.
Audit Metadata