Writing Slash Commands
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill defines a system where user-provided arguments are interpolated into prompt templates using placeholders like $1, $2, and $ARGUMENTS.
  - Ingestion points: Use of positional and catch-all argument placeholders in the markdown templates within SKILL.md.
  - Boundary markers: The templates do not utilize delimiters or specific instructions to isolate user-provided data from the rest of the prompt context.
  - Capability inventory: The skill is configured to use the Bash tool, allowing for various filesystem and repository operations.
  - Sanitization: The guide does not mention or provide examples of input validation or sanitization for the user arguments before they are interpolated.
- [COMMAND_EXECUTION]: The guide teaches users how to execute shell commands using the '!' prefix and includes examples where user arguments are passed directly into bash commands (e.g., git log -${1}). This pattern creates a command injection surface if the arguments contain shell metacharacters.
Audit Metadata