smart-router-skill

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill orchestrates shell execution using user-provided strings. Specifically, the instruction to run bash router.sh --character <your_choice> interpolates the user's response directly into a shell command.
  • Ingestion points: User selection prompt described in SKILL.md under the 'Example Flow' section.
  • Boundary markers: Absent; the command-line pattern lacks quoting or escaping for the variable.
  • Capability inventory: Access to the local shell environment via bash and sub-scripts in the scripts/ directory.
  • Sanitization: Absent; the instructions do not explicitly direct the agent to validate or whitelist the input against the allowed characters ('yoda', 'stark', 'sherlock').
  • PROMPT_INJECTION (MEDIUM): The interactive nature of the skill allows a user to 'inject' malicious payloads into the system by providing inputs containing shell metacharacters (e.g., ;, &&, or |) when the agent asks for a character choice. This could lead to arbitrary code execution on the host machine.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 11:22 AM