Skills
skills/artemnovichkov/skills/oslog/Gen Agent Trust Hub

oslog

Warn

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the /usr/bin/log utility to interact with system logs.
  • Evidence: SKILL.md contains commands like /usr/bin/log show, /usr/bin/log stream, and /usr/bin/log collect.
  • The log collect command is explicitly prefixed with sudo, requiring elevated permissions to bundle system logs into a .logarchive.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection via the content of the logs it processes.
  • Ingestion points: Log messages retrieved from the system log store or .logarchive files via /usr/bin/log show (SKILL.md).
  • Boundary markers: No delimiters or instructions are provided to the agent to treat log message content as untrusted data.
  • Capability inventory: The skill can execute various shell commands including /usr/bin/log, grep, and sort (SKILL.md).
  • Sanitization: No escaping or validation is performed on the log data before it is ingested into the agent context.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 17, 2026, 11:03 AM