morning
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill is designed to use the
Bashtool to run theicalBuddycommand for pulling calendar events into the daily log.- [EXTERNAL_DOWNLOADS]: Thereference.mdfile suggests that the user installs an external package (ical-buddy) via the Homebrew package manager.- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data found in local files without sanitization.- Ingestion points: The skill reads untrusted data from~/Documents/YOURNAME/inbox.mdand daily journal entries.- Boundary markers: No delimiters or safety instructions are present to prevent the agent from obeying instructions embedded within the journal or inbox files.- Capability inventory: The skill possesses broad capabilities includingBashexecution and the ability toRead,Write, andEditlocal files.- Sanitization: No sanitization or content validation is performed on the data ingested from files before it is processed by the agent.
Audit Metadata