get-results
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use the 'coval' CLI tool to list simulations, get simulation details, and download audio. This is consistent with the skill's purpose and the author's identity as coval-ai.
- [PROMPT_INJECTION]: The skill processes external data (transcripts and error logs), creating a surface for potential indirect prompt injection. 1. Ingestion points: SKILL.md (via output of 'coval' commands). 2. Boundary markers: None. 3. Capability inventory: File system writes (audio download) and network access via the coval CLI. 4. Sanitization: None.
Audit Metadata