Witty Assistant

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it combines the processing of untrusted external content with the availability of high-privilege tools.
      • Ingestion points: Data is ingested from the web using web_search and fetch_url tools defined in SKILL.md.
      • Boundary markers: The system prompt does not include markers to delimit external content or instructions to ignore embedded commands.
      • Capability inventory: The skill has broad capabilities including run_command, write_file_full, and create_skill permissions as specified in SKILL.md.
      • Sanitization: No sanitization logic is implemented in SKILL.md or the helper scripts to clean external data before it is processed by the assistant.
  • [COMMAND_EXECUTION]: The skill configuration in SKILL.md grants the agent the run_command and create_skill tool permissions, which enable the execution of arbitrary shell commands and the dynamic generation of new skill content on the host system.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 02:22 AM