dailybot

Warn

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: MEDIUM
PROMPT_INJECTION, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, DATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The messages/SKILL.md and health/SKILL.md components fetch external messages from the Dailybot API and explicitly instruct the agent to treat these messages as instructions to be followed. This creates a surface for indirect prompt injection where external content can influence the agent's behavior.
  • [COMMAND_EXECUTION]: The skill modifies global agent configuration files, such as ~/.claude/CLAUDE.md, ~/.cursor/rules/, and ~/.agents/AGENTS.md, to establish a persistent auto-activation mechanism for progress reporting across different workspace environments.
  • [REMOTE_CODE_EXECUTION]: The authentication and setup process involves downloading and executing shell scripts from the vendor's domain (https://cli.dailybot.com/install.sh and install.ps1). These scripts are used to install the Dailybot CLI on the host system.
  • [DATA_EXFILTRATION]: The email functionality in email/SKILL.md allows the agent to send information to external recipients. The skill implements a sensitive-content scan using regex patterns to detect and block the transmission of credentials (API keys, private keys, tokens), providing a mitigation against data leakage.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 6, 2026, 04:54 PM