china-growth-ops
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill includes a local shell script 'scripts/doctor.sh' designed to verify the installation of system tools like Git, GitHub CLI, and OpenClaw. This involves executing local commands to check for executable availability.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill is designed to generate content and manage interactions on platforms like Xiaohongshu and Douyin.
- Ingestion points: Untrusted content enters the agent context through platform-specific data and user-generated content (e.g., chat replies and comment preparation) as described in 'SKILL.md' and 'references/platforms.md'.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the templates.
- Capability inventory: The skill utilizes capabilities including browser automation via OpenClaw and repository management through the GitHub CLI as referenced in 'scripts/doctor.sh'.
- Sanitization: No input validation or sanitization mechanisms are defined to handle potentially malicious instructions in platform data.
Audit Metadata