Dayuse App Commands
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill's primary function is running shell commands via 'pipenv run inv'. This provides the agent with the capability to execute arbitrary code, manage Docker containers, and modify the local filesystem.
- [PROMPT_INJECTION] (HIGH): Category 8 (Indirect) vulnerability identified. 1. Ingestion points: 'loco-download' and 'mysql-load-dump' (SKILL.md). 2. Boundary markers: Absent. 3. Capability inventory: 'pipenv run inv' executes shell commands/subprocesses (SKILL.md). 4. Sanitization: Absent. Malicious content in translation files or SQL dumps could trigger unauthorized actions via the 'inv' execution environment.
- [EXTERNAL_DOWNLOADS] (MEDIUM): The skill performs remote downloads via 'loco-download' and installs software dependencies using 'pipenv install' and 'inv install' (composer/yarn), which pull from external registries.
- [DATA_EXPOSURE] (LOW): The skill reveals a specific local user's directory path: '/Users/fabiendauvergne/PhpstormProjects/dayuse-com'.
Recommendations
- AI detected serious security threats
Audit Metadata