agent-eval
Warn
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill's installation instructions require downloading and installing a Python package directly from a third-party GitHub repository (`github.com/joaquinhuigomez/agent-eval.git`). This source is not verified or managed by the skill's listed author.
- [COMMAND_EXECUTION]: The skill executes arbitrary shell commands defined in YAML task files as part of its 'judge' mechanism (e.g., `pytest`, `npm run build`). This could lead to local command execution if task definitions are sourced from untrusted origins.
- [PROMPT_INJECTION]: The skill functions by ingesting external YAML files that include prompts and evaluation criteria. This architecture is susceptible to indirect prompt injection where malicious instructions embedded in a task file could influence the agent's behavior or evaluation results.
  - Ingestion points: YAML task definitions in the `tasks/` directory (SKILL.md).
  - Boundary markers: None identified in the provided documentation.
  - Capability inventory: The skill utilizes Bash, Write, Edit, and LLM tool capabilities.
  - Sanitization: There is no evidence of command sanitization or prompt validation before execution or interpolation.
Audit Metadata