tw-edu-parent-communication

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Python script (scripts/generate_parent_comm.py) which generates .docx files in the /mnt/user-data/outputs/ directory based on teacher input.
  • [PROMPT_INJECTION]: The skill is susceptible to an indirect prompt injection surface in SKILL.md. The user-provided summary is interpolated directly into a shell command (--content "[主要訊息摘要]").
      • Ingestion points: User input for the [主要訊息摘要] placeholder in the generation command.
      • Boundary markers: The placeholder is wrapped in double quotes in the shell script block.
      • Capability inventory: The skill has Bash, Read, and Write tool permissions, allowing it to execute scripts and write to the filesystem.
      • Sanitization: No explicit validation or sanitization of the input string is performed before it is passed to the shell execution environment.
Audit Metadata
Risk Level: SAFE
Analyzed: May 4, 2026, 12:34 AM