Skills
skills/cnife/skills/Report Generator/Gen Agent Trust Hub

Report Generator

Pass

Audited by Gen Agent Trust Hub on Mar 31, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes the open command to display generated HTML files from the .artifacts/ directory in the system browser. This facilitates the intended user workflow for reviewing reports.
  • [DATA_EXFILTRATION]: User-initiated report sharing involves uploading content to segmentstream.ai using the share_artifact tool. This is a core feature for generating shareable URLs and is documented as a transparent action.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface by ingesting untrusted conversation data and interpolating it into report templates without explicit sanitization or escaping instructions. This could allow content from the conversation to manipulate the rendered report.
  • Ingestion points: Conversation producing insights, data tables, and metrics entering the agent context (SKILL.md).
  • Boundary markers: Absent; the skill uses direct template variable replacement.
  • Capability inventory: Filesystem access (read/write in .artifacts/), shell execution (open), and network communication (share_artifact).
  • Sanitization: Absent; no instructions for escaping or validating external input before interpolation.
  • [EXTERNAL_DOWNLOADS]: The documentation suggests installing development tools from the official Anthropics GitHub organization. This follows standard setup procedures for skill development.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 31, 2026, 08:59 AM