shortcuts-generator
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill requires the use of the `Bash` tool to execute the `shortcuts sign` command on the local system. This capability poses a command injection risk if the agent incorporates user-provided filenames or parameters into the shell command without rigorous sanitization.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it generates executable content (.shortcut files) based on untrusted user input.
  1. Ingestion points: User requests for shortcut creation or workflow automation.
  2. Boundary markers: Absent; there are no instructions to delimit user input or ignore embedded directives.
  3. Capability inventory: `Write` (for creating plist files) and `Bash` (for executing signing commands).
  4. Sanitization: Absent; the skill documentation does not provide methods for validating or escaping user-provided data before use in file generation or command execution.
Audit Metadata