ascii-art-diagrams
Warn
Audited by Gen Agent Trust Hub on Mar 21, 2026
Risk Level: MEDIUM (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [PROMPT_INJECTION]: The skill employs coercive and restrictive language to override standard agent operational flexibility and decision-making logic. Evidence includes forceful commands such as 'MUST follow the PLAN, DRAW, VERIFY phases' and 'You are not to proceed unless you are going to follow the process exactly.' Metadata instructions in the description field also attempt to influence behavior during loading.
- [COMMAND_EXECUTION]: The skill requires the agent to generate and execute Python scripts and shell commands at runtime. The workflow directs the agent to 'Write a Python script using grid.py' and execute it, alongside mandatory use of the 'scripts/verify.py' tool.
- [EXTERNAL_DOWNLOADS]: The skill's configuration includes an installation command that fetches resources from GitHub, which is a well-known service.