Ffind
Warn
Audited by Gen Agent Trust Hub on Feb 26, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the `ffind` tool, explicitly requiring `sudo` for extraction tasks. This represents a privilege escalation risk, as it grants the tool root-level access to the system.
- [PROMPT_INJECTION]: There is an indirect prompt injection risk.
  - Ingestion points: User-supplied file paths are used directly as arguments for the `ffind` command in SKILL.md.
  - Boundary markers: The skill does not define delimiters for user input.
  - Capability inventory: The skill performs subprocess execution of a binary.
  - Sanitization: There is no evidence of input validation or escaping for shell metacharacters in the instructions.
- [EXTERNAL_DOWNLOADS]: The skill depends on external packages (`e2fsprogs`, `f2fs-tools`, `util-linux`) and a binary from the `iothackbot` project. While these are presented as environment requirements, they are external to the skill's own code and their integrity is assumed.
Audit Metadata