zsxq-group
Pass
Audited by Gen Agent Trust Hub on Apr 23, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill performs shell command execution using the zsxq-cli tool to query group and topic information from the Knowledge Planet platform.
- [EXTERNAL_DOWNLOADS]: The skill specifies a requirement for the zsxq-cli binary. As this is a vendor-owned resource associated with the author and necessary for the primary functionality, it is documented as a standard dependency.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes user-generated content (topic titles, digests, and types) from the Knowledge Planet platform.
- Ingestion points: External content enters the agent's context through tools such as zsxq-cli group +topics and zsxq-cli group +hashtags.
- Boundary markers: The skill refers to a shared SKILL.md for security rules but does not implement explicit boundary markers or ignore instructions within the retrieved content in the analyzed files.
- Capability inventory: The skill has the ability to execute various zsxq-cli subcommands and API calls.
- Sanitization: No sanitization or validation of the retrieved external content is described in the provided documentation.
Audit Metadata