using-modern-cli
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill establishes a workflow where the agent reads and processes untrusted local file content. * Ingestion points: File reading and searching via bat, rg, and fd as specified in SKILL.md. * Boundary markers: No delimiters or ignore-instructions are defined for the ingested data. * Capability inventory: The agent has Bash tool access, enabling command execution and file modification via tools like sd. * Sanitization: No sanitization or validation of the file content is present before processing.
Recommendations
- AI detected serious security threats
Audit Metadata