Skill: skills/aidotnet/moyucode/text-diff (Gen Agent Trust Hub)

text-diff

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [Data Exposure & Exfiltration] (HIGH): The script scripts/text_diff.py allows reading and writing arbitrary files based on user-provided paths.
    • Evidence: The read_file function and the --output flag in main() use standard open() calls without any path sanitization or sandboxing, enabling access to sensitive files like ~/.ssh/id_rsa or .env.
  • [Indirect Prompt Injection] (HIGH): The skill possesses a high-risk surface for indirect prompt injection due to its core functionality.
    • Ingestion points: read_file in scripts/text_diff.py reads content from external, potentially attacker-controlled files.
    • Boundary markers: Absent; file content is directly processed and returned to the agent context.
    • Capability inventory: The skill has file-write capabilities via the --output flag in main().
    • Sanitization: Absent; the script does not filter or escape content from the files it compares.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 05:04 AM