unified-execute-with-file
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes arbitrary shell commands defined in the 'convergence.verification' field of input JSON files using the Bash() function.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection via the '.task/*.json' input files.
- Ingestion points: Processes all '.json' files within the directory specified by the 'PLAN' argument.
- Boundary markers: None. The agent is instructed to directly interpret and act upon the 'description' and 'criteria' fields.
- Capability inventory: Includes 'Bash' command execution, and file system operations via 'Read', 'Write', 'Edit', 'Glob', and 'Grep'.
- Sanitization: No validation or sanitization of the command strings or descriptive instructions is performed before execution.
Audit Metadata