Skills
skills/arjunmahishi/dotfiles/tsq/Gen Agent Trust Hub

tsq

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill facilitates the execution of the tsq command-line tool via subprocess calls to analyze code structure, such as tsq query and tsq symbols.\n- [PROMPT_INJECTION] (HIGH): The skill is susceptible to Indirect Prompt Injection (Category 8) because it ingests untrusted code data.\n
  • Ingestion points: Untrusted data enters the agent context through the --file and --path arguments which point to external source code files.\n
  • Boundary markers: Absent. The JSON output schemas (QueryMatch, SymbolsResult, FileOutline) return raw text from the code (e.g., doc, source, text) without using delimiters to separate code content from instructions.\n
  • Capability inventory: The skill provides structural data that agents typically use to perform follow-up tasks like refactoring, code modification, or execution.\n
  • Sanitization: Absent. There is no mention of sanitizing or escaping the extracted content, allowing instructions embedded in code comments or symbols to be processed directly by the agent's reasoning engine.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:44 AM