terminal-ui-engineer
Warn
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to generate shell scripts that automatically attempt to install the
gumutility using system package managers likeapt,pacman,brew,scoop, andwingetif the dependency is not found. - [COMMAND_EXECUTION]: The generated scripts are explicitly instructed to use
sudofor installation on Unix-like systems, which executes commands with elevated administrative privileges. - [EXTERNAL_DOWNLOADS]: The skill references and directs the agent to install the
gumutility from Charmbracelet's official GitHub repository. - [PROMPT_INJECTION]: The skill ingests user preferences and functional goals to define the logic of the generated scripts, creating a surface for indirect prompt injection.
- Ingestion points: User input provided via the
questiontool to define the functional goals and actions of the generated script. - Boundary markers: None identified; there are no instructions to sanitize input or wrap it in delimiters to prevent the execution of malicious instructions embedded in the goal description.
- Capability inventory: The generated scripts have the capability to execute arbitrary shell commands, manage system environment variables, and perform file system operations (e.g., piping output to
xargs rm). - Sanitization: Absent; the instructions do not require the agent to validate or escape user input before incorporating it into the final executable script.
Audit Metadata