skills/duc01226/easyplatform/status/Gen Agent Trust Hub

Status: Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill exhibits a significant surface for Indirect Prompt Injection.
      • Ingestion points: The workflow requires reading untrusted external data including git logs, Product Backlog Items (PBIs), and pull request (PR) descriptions (SKILL.md).
      • Boundary markers: There are no specified delimiters or instructions to treat ingested data as untrusted or to ignore embedded instructions.
      • Capability inventory: The skill is granted access to the Bash and Write tools, enabling it to execute arbitrary shell commands and modify the file system (SKILL.md frontmatter).
      • Sanitization: No evidence of sanitization or validation of the external content is present.
  • [COMMAND_EXECUTION] (MEDIUM): The explicit allowance of the Bash tool provides a powerful vector for exploitation if the agent is successfully manipulated by malicious content found in the project data it analyzes.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 07:08 AM