sa-improve

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill's core function is to analyze untrusted user-supplied code, making it highly vulnerable to indirect prompt injection where malicious instructions are hidden within the code or logs.
  • Ingestion points: Processes 'Simulated Annealing (SA) solver/code snippet' and 'score/logs' provided by the user.
  • Boundary markers: Absent; there are no instructions to the agent to isolate the untrusted code from its command context.
  • Capability inventory: High; the skill references an external shell script (scripts/sa_improve.sh), which indicates high-privilege shell execution capabilities.
  • Sanitization: Absent; no filtering or validation of user-provided content is mentioned.
  • [COMMAND_EXECUTION] (MEDIUM): The skill relies on a local shell script for its operations. Executing logic via shell scripts based on analysis of untrusted input presents a danger of command injection if the script processes the input unsafely.
  • Evidence: Instruction to 'Read scripts/improve.sh' suggests dependency on executable shell logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 10:32 PM