day4-wrap-and-analyze
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill executes
npx skills add ai-native-camp/camp-2to install curriculum updates. This is a vendor-owned resource originating from the skill author ('ai-native-camp') and is used for its intended educational purpose. - [COMMAND_EXECUTION]: The skill provides instructions for the user to execute local management and analysis tools such as
/history-insight,/session-analyzer, and/my-session-wrapto process session metadata and logs. - [PROMPT_INJECTION]: The skill contains a 'fetch-tweet' feature that ingests external data, creating an indirect prompt injection surface. 1. Ingestion points: External tweet text is retrieved via
api.fxtwitter.com(a well-known service). 2. Boundary markers: The prompt uses structured output instructions ('요약-인사이트-전체 번역') to guide the agent, though explicit data delimiters are absent. 3. Capability inventory: The agent is restricted to summarization and translation tasks and does not pass the ingested data to shell execution or high-privilege tool calls. 4. Sanitization: No explicit sanitization or filtering is defined in the skill files, relying on standard model safety guardrails during text processing.
Audit Metadata