nav-stats
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill invokes 'bash scripts/session-stats.sh' and 'source <(bash scripts/session-stats.sh)'. This facilitates arbitrary code execution by a malicious repository. Evidence Chain: 1. Ingestion points: 'scripts/session-stats.sh'. 2. Boundary markers: Absent. 3. Capability inventory: 'bash' and 'python3'. 4. Sanitization: Absent.
- Dynamic Execution (MEDIUM): The skill executes 'python3' on local scripts from the 'skills/nav-stats/functions/' directory without verifying their integrity.
Recommendations
- AI detected serious security threats
Audit Metadata