antislop
Fail
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The 'Pattern Refresh Protocol' section in
SKILL.mdcontains instructions for the agent to execute shell commands usingcurl,python3, and an external CLI toolgeminito update the skill's detection patterns. - [EXTERNAL_DOWNLOADS]: The skill fetches updated AI writing patterns from Wikipedia's public API (
en.wikipedia.org). Wikipedia is a well-known and generally trusted service for informational content, and these references are documented neutrally. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it ingests and processes untrusted user-provided text to provide editing suggestions. Ingestion points: User-provided text submitted via the
/antislopcommand or direct prompts. Boundary markers: None detected; the skill does not appear to use specific delimiters or 'ignore' instructions for the input text. Capability inventory: The skill utilizesRead,Edit, andWritetools to modify files based on its analysis. Sanitization: No explicit sanitization or filtering of instructions embedded within the user text was identified.
Recommendations
- HIGH: Downloads and executes remote code from: https://en.wikipedia.org/w/api.php?action=parse&page=Wikipedia:Signs_of_AI_writing&prop=wikitext&format=json, https://en.wikipedia.org/w/api.php?action=parse&page=Wikipedia:WikiProject_AI_Cleanup&prop=wikitext&format=json - DO NOT USE without thorough review
Audit Metadata