developing-bash-scripts
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructions require the agent to read and evaluate user-provided Bash scripts or natural language requests to classify, write, or refactor code. This ingestion of untrusted data creates a surface for indirect prompt injection.
  - Ingestion points: User-provided scripts or requests described in `SKILL.md`.
  - Boundary markers: No specific delimiters or safety warnings are implemented to separate user data from the agent's instructions.
  - Capability inventory: The skill is designed to generate, review, and refactor executable Bash scripts across several files (`developing-simple-bash-scripts.md`, `developing-complex-bash-scripts.md`).
  - Sanitization: There is no explicit validation or sanitization mentioned for the content of the user-provided code before it is processed or refactored.
- [COMMAND_EXECUTION]: The `reference-code-blocks.md` file contains a template for argument parsing that utilizes the `eval` command.
  - Evidence: `eval set -- "${args}"` in the `parse_args` function within `reference-code-blocks.md`.
  - Context: While this is the standard idiomatic way to handle long options with the `getopt` utility in Bash, it constitutes dynamic code execution of a string generated at runtime.
Audit Metadata