log-viewer
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMDATA_EXFILTRATIONCOMMAND_EXECUTION
Full Analysis
- Data Exposure & Exfiltration (MEDIUM): The skill explicitly targets
~/Library/Logs/SkillLauncher/app.log. These logs contain a history of commands executed by the user (发送: /skill-name 参数), which may include sensitive arguments, tokens, or personal information processed by other skills. - Indirect Prompt Injection (MEDIUM): This skill creates an attack surface for indirect prompt injection by reading untrusted data (application logs).
- Ingestion points:
~/Library/Logs/SkillLauncher/app.logviatailandgrepcommands. - Boundary markers: Absent. The agent is instructed to "analyze" the logs without specific delimiters to distinguish between log metadata and potentially malicious log content.
- Capability inventory: The skill uses shell commands (
tail,grep,date) which implies the agent has command execution permissions in the underlying environment. - Sanitization: None. The agent processes raw log lines which could contain adversarial instructions injected into the logs via previous commands.
- Command Execution (LOW): The skill provides bash snippets for log rotation and searching. While using standard tools like
grepandtail, it encourages the agent to execute shell commands on files that contain arbitrary user-controlled strings.
Audit Metadata