sentencepiece

Warn

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (MEDIUM): The SKILL.md file contains instructions to execute sudo make install. While this is a standard procedure for installing C++ libraries, the use of sudo involves high-privilege command execution. The severity is set to MEDIUM as this is a documentation-based instruction for the skill's primary setup.
  • [EXTERNAL_DOWNLOADS] (SAFE): The skill references https://github.com/google/sentencepiece.git. Since google is a trusted organization, this download reference is considered safe.
  • [PROMPT_INJECTION] (LOW): This skill represents an indirect prompt injection surface.
    • Ingestion points: Untrusted text data is passed to sp.encode() in multiple examples within SKILL.md and references/algorithms.md.
    • Boundary markers: No boundary markers or delimiters are suggested to separate user data from control instructions in the snippets provided.
    • Capability inventory: The skill primarily performs local string tokenization and lacks network or file-write capabilities triggered by input data.
    • Sanitization: No sanitization or filtering logic is demonstrated for the input strings before they are processed by the tokenizer.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 17, 2026, 04:58 PM