subnet-calculator
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill invokes local command-line execution through environment variables ($SUBNET_MCP_SCRIPT, $MCP_CALL) to run Python-based subnet calculations. User-provided data is embedded into the command arguments as a JSON string built from the raw input.
- [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it interpolates untrusted user input (the CIDR string) into a command-line context; the same interpolation is the path by which crafted input could reach the command executed above.
- Ingestion points: Untrusted input is accepted via the 'cidr' parameter of the 'subnet_calculator', 'subnet_calculator_v6', and 'subnet_calculator_auto' tools.
- Boundary markers: There are no explicit boundary markers or isolation mechanisms (quoting, serialization, or argument-vector passing) that would keep the user input from breaking out of the JSON string or the shell command structure.
- Capability inventory: The skill is configured to execute subprocesses via 'python3'.
- Sanitization: No input validation, escaping, or sanitization logic is present in the skill definition to confirm that the 'cidr' value is a well-formed network before it is used.
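The findings above describe a pattern rather than showing the skill's code, so the following is an added example (not code from the audited skill or from Gen Agent Trust Hub) of what the missing boundary markers and sanitization look like in practice. It assumes a hypothetical invocation in which the CIDR is concatenated into a JSON string inside a double-quoted shell argument; the real script behind $SUBNET_MCP_SCRIPT is not available, so the calculation is inlined with `python -c`, and the sample inputs are constructed for this demonstration.

```python
import ipaddress
import json
import subprocess
import sys

# Constructed sample inputs (not from the audited skill): two valid networks and
# one payload that closes nothing but still gets the shell to run a command.
SAMPLE_INPUTS = [
    "10.0.0.5/24",                    # host bits set; strict=False normalises it
    "2001:db8::/48",                  # IPv6, as handled by subnet_calculator_v6
    "10.0.0.0/24$(echo INJECTED)",    # command substitution inside double quotes
]


def expand_via_shell(cidr: str) -> str:
    """Hypothetical reconstruction of the risky pattern: the CIDR is pasted into a
    JSON literal that is itself pasted into a double-quoted shell argument.
    printf stands in for the real interpreter so the expansion can be observed
    without executing anything else. Returns the argument as the shell hands it
    to the program: $(...) has already been run by then."""
    cmd = 'printf "%s" "{\\"cidr\\": \\"' + cidr + '\\"}"'
    proc = subprocess.run(["sh", "-c", cmd], capture_output=True, text=True, check=True)
    return proc.stdout


# Stand-in for $SUBNET_MCP_SCRIPT (assumption: the real script reads one JSON
# argument). It recomputes the network from the JSON rather than trusting it.
CALC_SCRIPT = r"""
import ipaddress, json, sys
req = json.loads(sys.argv[1])
net = ipaddress.ip_network(req["cidr"], strict=False)
usable = net.num_addresses - (2 if net.version == 4 and net.prefixlen <= 30 else 0)
print(json.dumps({"network": str(net), "netmask": str(net.netmask),
                  "version": net.version, "usable_hosts": usable}))
"""


def validate_cidr(cidr: str):
    """Allow-list validation: the standard library parser either returns a
    normalised IPv4Network/IPv6Network or raises ValueError. Anything with
    shell or JSON metacharacters fails here before a subprocess exists."""
    if not isinstance(cidr, str) or len(cidr) > 64:
        raise ValueError("cidr must be a short string")
    return ipaddress.ip_network(cidr.strip(), strict=False)


def build_argv(cidr: str) -> list:
    """Boundary markers the audit found missing: validation, json.dumps for the
    serialization, and an argv list so no shell ever parses the value."""
    net = validate_cidr(cidr)
    return [sys.executable, "-c", CALC_SCRIPT, json.dumps({"cidr": str(net)})]


def run_subnet_calc(cidr: str) -> dict:
    """Hardened invocation: shell=False (the default for a list), check=True."""
    proc = subprocess.run(build_argv(cidr), capture_output=True, text=True, check=True)
    return json.loads(proc.stdout)


if __name__ == "__main__":
    for raw in SAMPLE_INPUTS:
        print("unsafe shell expansion:", expand_via_shell(raw))
        try:
            print("hardened result:      ", run_subnet_calc(raw))
        except ValueError as exc:
            print("hardened result:       rejected:", exc)
```

The unsafe path shows the shell substituting `$(echo INJECTED)` inside the JSON argument even though the payload never touches a quote; `$(id)` or `$(curl ...)` would be expanded the same way. The hardened path rejects that input at `validate_cidr`, and for valid input the subprocess receives exactly one argument whose content was produced by `json.dumps`, so neither the JSON nor a command line can be broken out of.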
Audit Metadata