auth-tool-cloudbase

Pass

Audited by Gen Agent Trust Hub on May 19, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: No malicious patterns or security vulnerabilities were identified. The skill follows best practices by using placeholders for sensitive configuration values and directing users to official consoles.
  • [EXTERNAL_DOWNLOADS]: References official skill sources and image assets from trusted domains including cnb.cool (Tencent's cloud-native build platform) and tencent-cloud.cn.
  • [COMMAND_EXECUTION]: Utilizes management tools such as queryAppAuth and manageAppAuth to modify cloud environment settings, which aligns with the skill's intended purpose of authentication provider management.
  • [PROMPT_INJECTION]: Exhibits an indirect prompt injection surface as it processes user-supplied authentication configuration data. 1. Ingestion points: User-provided credentials (SMTP, OAuth) and provider settings processed in SKILL.md. 2. Boundary markers: Absent in the provided instructions. 3. Capability inventory: Management APIs via manageAppAuth and callCloudApi in SKILL.md. 4. Sanitization: Not explicitly documented in the skill's instructions, relying on the underlying tool implementation.
Audit Metadata
Risk Level
SAFE
Analyzed
May 19, 2026, 05:06 PM
Security Audit — agent-trust-hub — auth-tool-cloudbase