do-nothing-scripting
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [SAFE]: Analysis of the skill instructions and supporting scripts reveals no malicious patterns, obfuscation, or safety bypass attempts.
- [COMMAND_EXECUTION]: The skill performs local command execution for legitimate configuration and validation tasks, including `chmod +x` to make generated scripts executable and `bash -n` for syntax checking. It also instructs the user to run `history` to provide input data, which is aligned with the stated primary purpose.
- [DATA_EXFILTRATION]: Accesses the shell history file to extract command sequences for script generation. This data remains within the local execution environment and is not transmitted to external domains or unauthorized network endpoints.
- [PROMPT_INJECTION]: The skill has an indirect injection surface as it processes untrusted data from local files or command history. Evidence Chain: (1) Ingestion points: Files processed by `extract_commands.py`. (2) Boundary markers: Absent. (3) Capability inventory: Local subprocess calls for `python3`, `chmod`, and `bash`, and local file writes to `./tmp/`. (4) Sanitization: Content is parsed for command patterns but not otherwise sanitized. This risk is effectively mitigated by the 'do-nothing' pattern, which ensures the resulting script only prints instructions for manual operator action rather than executing code automatically.