koog

Fail

Audited by Socket on Feb 24, 2026

1 alert found:

Malware (HIGH)
SKILL.md

[Skill Scanner] Detected system prompt override attempt

All findings:
[CRITICAL] prompt_injection: Detected system prompt override attempt (PI004) [AITech 1.1]
[HIGH] command_injection: Backtick command substitution detected (CI003) [AITech 9.1.4]

Benign framework documentation that legitimately exposes high‑privilege agent capabilities (filesystem tools, shell execution, memory and tracing/persistence). No direct malicious code or obfuscation found. Main security concern: the framework provides tools that can read arbitrary files and execute shell commands and features that can persist or forward agent data; these capabilities are appropriate for some agent use cases but must be strictly controlled in deployments. Recommend auditing which tools are registered, restricting filesystem and shell tools in sensitive environments, and carefully configuring tracing/memory destinations.

LLM verification: This SKILL.md documents a powerful AI agent framework whose documented capabilities are consistent with its purpose but include high-risk operations: arbitrary file reads, shell execution, and automatic forwarding of tool outputs to external LLM providers and optional remote tracing. The provided fragment contains no direct malware or obfuscated payloads, but the combination of capabilities enables credential or data exfiltration if misused or run with overly-permissive defaults. Treat this skil

Confidence: 95%
Severity: 90%

Audit Metadata
Analyzed At: Feb 24, 2026, 09:26 AM
Package URL: pkg:socket/skills-sh/AndVl1%2Fclaude-plugin%2Fkoog%2F@aee74f827062d705150bfd6e22ab71d213b91639