dayone
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the local
dayonebinary located at/usr/local/bin/dayoneto create journal entries and manage attachments. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it takes text input and passes it to the command line for logging.
- Ingestion points: Text content used in the
dayone newcommand examples inSKILL.md. - Boundary markers: No explicit delimiters or instructions are used to separate untrusted content from command instructions.
- Capability inventory: Command execution via the
dayoneCLI with support for attachments and various metadata flags. - Sanitization: There is no evidence of input validation or escaping for the content being logged.
Audit Metadata