roundtable

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands for its file management and export feature. It specifically instructs the agent to run commands such as date, mkdir, and New-Item to generate timestamps and directory structures.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection or command injection. It takes user-provided topics and extracts keywords, which are then used directly in shell commands and file paths in Section 9.
  • Ingestion points: User-provided discussion topics in SKILL.md.
  • Boundary markers: None present for the interpolated user-supplied keywords.
  • Capability inventory: Shell command execution (date, mkdir, New-Item) and file system write access in SKILL.md.
  • Sanitization: The instructions lack sanitization or validation logic for user input used in command-line operations.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 30, 2026, 09:54 AM