openai
Pass
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: SAFE | COMMAND_EXECUTION | DATA_EXFILTRATION | PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the 'x' CLI tool to perform various AI tasks, such as 'x openai chat request' and 'x openai audio generate'.
- [DATA_EXFILTRATION]: The skill is designed to send user input and local file contents to OpenAI's official API for processing. This behavior is documented as the core functionality of the skill.
- [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it reads content from local files using the '--file' flag to provide context for AI requests.
  - Ingestion points: Local file contents provided via the '--file' flag (SKILL.md).
  - Boundary markers: None explicitly defined in the instruction patterns.
  - Capability inventory: Network communication with OpenAI API and local file system read access.
  - Sanitization: No validation or escaping of the processed file content is mentioned.