numerical-integration
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill processes untrusted user input which is then used in high-privilege operations.
- Ingestion points: User inputs for 'Problem type', 'Target accuracy', and 'Constraints' defined in SKILL.md.
- Boundary markers: Absent; there are no delimiters or instructions to ignore embedded commands.
- Capability inventory: The 'Bash' tool is used to execute local Python scripts using these inputs.
- Sanitization: Absent; no logic exists to escape or validate user-provided strings.
- Command Execution (HIGH): User input is interpolated into shell commands, allowing for potential command injection.
- Evidence: Conversational workflow examples demonstrate constructing CLI calls like 'python3 scripts/imex_split_planner.py' using user-supplied terms.
Recommendations
- AI detected serious security threats
Audit Metadata