Skills
skills/cevio/hile/message-ipc/Gen Agent Trust Hub

message-ipc

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The library implements an IPC communication layer that serves as a vulnerability surface for indirect prompt injection through data received from external processes.\n
  • Ingestion points: In src/index.ts, the MessageIpc class initializes a listener on the IPC channel using this.channel.on('message', ...).\n
  • Boundary markers: The implementation lacks boundary markers or instructions to the model to ignore potential instructions embedded within the IPC data payloads.\n
  • Capability inventory: The library facilitates bi-directional data transfer via the post method in src/index.ts and allows for processing logic in subclass-defined exec methods.\n
  • Sanitization: No sanitization or validation logic is applied to message payloads before they are passed to the execution handler.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 09:53 AM