enhance-cross-file

Warn

Audited by Gen Agent Trust Hub on Feb 20, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (MEDIUM): The skill uses node -e to execute JavaScript logic from a local file (./lib/enhance/cross-file-analyzer.js). This form of dynamic execution is risky because it relies on unverified external files and is susceptible to injection if arguments (such as the file path) are poorly handled.
      • Evidence: `node -e "const a = require('./lib/enhance/cross-file-analyzer.js'); console.log(JSON.stringify(a.analyze('.'), null, 2));"` in SKILL.md.
      • Context: The referenced logic in cross-file-analyzer.js is not provided in the skill documentation, so its internal logic and side effects cannot be verified.
  • Indirect Prompt Injection (LOW): The skill is designed to ingest and analyze content from various local files, which may contain malicious instructions targeted at the agent or at the analyzer itself.
      • Ingestion points: Any files within the user-provided targetPath or the default directory.
      • Boundary markers: No delimiters or "ignore embedded instructions" warnings are implemented to protect the agent from processing malicious content within the analyzed files.
      • Capability inventory: Shell command execution via node and filesystem read access.
      • Sanitization: No explicit sanitization, validation, or escaping of input file content is documented.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 20, 2026, 02:07 AM