agent-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill implements an audit process that involves reading and analyzing external `SKILL.md` files from various plugins, which creates a surface for indirect prompt injection. A malicious file being audited could contain instructions designed to influence or deceive the auditor's judgment.
  - Ingestion points: The workflow documentation in `SKILL.md` (Step 2) describes enumerating and reading the contents of external `SKILL.md` files.
  - Boundary markers: No specific delimiters or isolation instructions are provided for the ingested external content.
  - Capability inventory: The skill is designed to work with file system tools and a benchmarking harness (`bun`) that can execute shell commands.
  - Sanitization: The methodology does not include steps for sanitizing or validating the content of audited files before they are processed by the agent.
- [COMMAND_EXECUTION]: The audit workflow and reference documentation describe the use of shell commands such as `ls` for file enumeration, `wc` for word count validation, and `bun` for executing testing benchmarks.
Audit Metadata