skills/gasserane/personal-skills/ann/Gen Agent Trust Hub

ann

Warn

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: MEDIUM (DATA_EXFILTRATION, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [DATA_EXFILTRATION]: The skill specifies absolute paths to read files from a local user directory (C:/Users/AGasser/...). When used in conjunction with tools like WebSearch and WebFetch, this configuration creates a potential path for sensitive local documents to be read and transmitted to external servers.
  • [COMMAND_EXECUTION]: The skill employs the Agent() tool for dynamic sub-agent creation and instructs the agent to write new configuration files (.md) to the agent-improvements/proposed-agents/ directory. Writing instructional files that define agent behavior is a sensitive capability.
  • [PROMPT_INJECTION]: The workflow involves fetching untrusted data from the web to build an Evidence Brief, which then drives the logic of specialized sub-agents. This ingestion process represents an indirect prompt injection surface where malicious content on a fetched page could manipulate the execution of the primary or secondary agents.
Audit Metadata
Risk Level: MEDIUM
Analyzed: May 7, 2026, 05:22 PM