Skills
skills/vm0-ai/vm0-skills/strava/Gen Agent Trust Hub

strava

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection by ingesting untrusted data from the Strava API.
  • Ingestion points: Activity comments, descriptions, and names retrieved from the Strava API (SKILL.md).
  • Boundary markers: Absent; the skill does not use delimiters or warnings to separate external data from system instructions.
  • Capability inventory: Executes shell commands via curl and writes temporary request data to /tmp/strava_request.json (SKILL.md).
  • Sanitization: None; the retrieved content is processed using jq for filtering but is not sanitized to prevent the execution of embedded instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 17, 2026, 04:44 PM