daily-update
Fail
Audited by Gen Agent Trust Hub on May 18, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Installs a persistent background service on macOS by writing a plist configuration file to the ~/Library/LaunchAgents/ directory and using the launchctl utility to load it for daily execution.- [COMMAND_EXECUTION]: Modifies user shell profile files (such as .bashrc and .zshrc) to source an external script from the repository, causing code to be executed every time a new terminal session is initiated.- [COMMAND_EXECUTION]: Executes a local shell script (daily-update.sh) and uses the sed utility to perform automated modifications to configuration files.- [PROMPT_INJECTION]: Ingests potentially untrusted data from the vault, including markdown pages and manifest JSON files, to drive its maintenance logic. The absence of boundary markers or content sanitization, combined with the skill's powerful command execution capabilities, creates a risk for indirect prompt injection.
Recommendations
- AI detected serious security threats
Audit Metadata