parameter-optimization

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [Indirect Prompt Injection] (HIGH): The skill is highly vulnerable to indirect prompt injection because it prompts the agent to collect untrusted data from the user (parameter names, bounds, constraints) and use that data as arguments in shell commands via the Bash tool.
    • Ingestion points: SKILL.md identifies 'Inputs to Gather' such as parameter names and constraints as entry points for untrusted data.
    • Boundary markers: Absent. The CLI examples demonstrate direct string interpolation of variables into shell command strings without delimiters or instructions to ignore embedded commands.
    • Capability inventory: The skill relies on the Bash tool to execute several local Python scripts (doe_generator.py, sensitivity_summary.py, optimizer_selector.py, surrogate_builder.py).
    • Sanitization: Absent. There is no mention of sanitizing user input or validating string content before it is passed to the shell, allowing for potential metacharacter injection (e.g., ; rm -rf /).
  • [Command Execution] (MEDIUM): The skill defines a workflow that centers on executing shell commands. While this is functional, the lack of input validation combined with the use of the Bash tool to process user-influenced strings elevates the inherent risk of the skill.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 12:49 PM