product-naming
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use shell commands, including `whois`, `dig`, and `curl`, to verify the status of domains and social media accounts. These commands are configured for specific availability lookups and piped to filters for data extraction.
- [PROMPT_INJECTION]: The skill's workflow involves ingesting untrusted data from external sources, presenting an indirect prompt injection surface.
  - Ingestion points: Data entering the context from registrar responses, shell command outputs, and web searches for trademark information.
  - Boundary markers: The author has implemented a robust 'External Content Trust Boundary' in `SKILL.md` and `references/validation.md` which warns the agent to ignore any embedded directives.
  - Capability inventory: The skill uses subprocess calls via shell (`whois`, `curl`, `dig`) and performs file-write operations to the `.artifacts/docs/` directory.
  - Sanitization: There are explicit instructions for the agent to extract only availability signals and discard any behavioral suggestions or directives found in HTML or search results.
Audit Metadata