log-ops

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill's documentation and tool-setup guide provide instructions to download and install third-party utilities from official package managers and well-known services. Specifically, it suggests using brew, apt, choco, winget, and cargo to install tools like jq, ripgrep, and angle-grinder. It also provides a direct curl download link for lnav from its official GitHub releases page (https://github.com/tstack/lnav/releases/download/v0.12.2/lnav-0.12.2-linux-musl-x86_64.zip). These downloads target well-known and reputable sources.
  • [COMMAND_EXECUTION]: The skill is entirely centered around executing complex shell commands and multi-stage pipelines in the Bash environment. It utilizes various CLI tools (jq, rg, awk, parallel, mlr, fd) to perform extensive file system operations, including reading, splitting, and writing log data. This level of system interaction is expected for the stated purpose of log operations but represents a high-capability environment.
  • [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8).
      • Ingestion points: The skill is designed to ingest and process untrusted external data from various log sources, including application logs, server logs, and AI agent conversation logs (e.g., conversation.jsonl mentioned in references/analysis-workflows.md).
      • Boundary markers: The provided patterns do not include explicit boundary markers or instructions to the agent to disregard natural language commands that might be embedded within the logs being analyzed.
      • Capability inventory: The skill has access to powerful tools including Bash, Write, and Edit, as defined in the YAML frontmatter of SKILL.md.
      • Sanitization: There is no evidence of sanitization or escaping of the log content before it is processed or presented back to the agent. Malicious instructions placed inside log fields (such as a 'thinking' block or a 'message' field in a recorded conversation) could potentially influence the agent's behavior if it interprets the log data as authoritative instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Apr 13, 2026, 11:30 AM