prose-analysis
Warn
Audited by Gen Agent Trust Hub on Apr 10, 2026
Risk Level: MEDIUM
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script 'resources/analyze.sh' is vulnerable to command injection via shell arithmetic expansion. The parameter 'WINDOW' (the second argument to the script) is used directly inside Bash arithmetic contexts '((...))' at lines 177, 181, and 186 without any validation or sanitization. In Bash, arithmetic evaluation recursively evaluates the content of variables; if the variable contains an expression such as 'a[$(id)]', the command inside the subshell will be executed.
- [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection. Because the 'prose-analysis' agent is expected to process untrusted markdown files and can be instructed to supply parameters to the analysis script, a malicious document could embed instructions that trick the agent into passing a payload as the 'window_size' parameter, thereby triggering the command injection vulnerability described above.
Audit Metadata