Skills
skills/vdustr/skills/vp-skills/Gen Agent Trust Hub

vp-skills

Pass

Audited by Gen Agent Trust Hub on May 8, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the skills package from the NPM registry using npx. The package is provided by Vercel Labs, a well-known service provider.
  • [COMMAND_EXECUTION]: Utilizes shell commands to interact with the skills CLI for adding, removing, and listing agent capabilities.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external content by downloading skill definitions from GitHub repositories. This presents a potential surface for indirect prompt injection if the agent is directed to install skills from untrusted or malicious sources.
Audit Metadata
Risk Level
SAFE
Analyzed
May 8, 2026, 11:53 AM