concept-anatomist
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses role-playing instructions ('You are now Concept Anatomist') which is standard for defining agent behavior and does not appear to be an attempt to bypass safety filters.- [COMMAND_EXECUTION]: The skill instructs the agent to perform file system operations by writing reports to '~/Documents/notes/'. While this is the primary function of the skill, it involves interaction with the host system's storage.- [INDIRECT_PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through its input handling and file writing capabilities.
- Ingestion points: User-provided concept names are ingested and used to generate content and file paths (found in SKILL.md).
- Boundary markers: None identified. The user input is interpolated directly into the file naming template.
- Capability inventory: The skill has file-write capabilities to the local file system (SKILL.md).
- Sanitization: There is no explicit sanitization or validation of the user-provided concept name before it is used to construct the target file path, which could lead to path traversal if an attacker provides a malicious string like '../../target_file'.
Audit Metadata