install-md
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill includes bash scripts in guide.md that use grep, sed, and wc to check the format of the created install.md. This is an indirect injection surface. Evidence: 1. Ingestion points: install.md created from user input. 2. Boundary markers: Absent. 3. Capability inventory: grep, sed, wc, head. 4. Sanitization: None.
- PROMPT_INJECTION (SAFE): The skill facilitates the creation of autonomous instructions. This is the intended use and not a direct attack on the agent's safety systems.
Audit Metadata