vs-item-onboarding
Pass
Audited by Gen Agent Trust Hub on Jun 23, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill follows security best practices by requiring explicit human confirmation at two critical stages (Stage A for schema and Stage B for field configuration) before performing any state-changing operations.
- [SAFE]: Although the skill processes untrusted user data files, the risk of indirect prompt injection is mitigated by these mandatory review dialogs.
  1. Ingestion points: User-provided data files via 'item profile' and 'item plan' commands in references/workflow.md.
  2. Boundary markers: The skill does not define specific prompt delimiters but relies on agent-driven verification tables.
  3. Capability inventory: Commands for dataset and application management.
  4. Sanitization: Managed through human verification of all inferred meanings and configurations.
- [COMMAND_EXECUTION]: The skill executes commands using the legitimate 'vs' CLI tool, which belongs to the author 'volcengine'.
- [CREDENTIALS_UNSAFE]: The skill manages authentication via standard vendor CLI flows without hardcoding any secrets or access keys.
Audit Metadata