privacy-policy-generate
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands including
grep,sed, andgitto extract application metadata and developer configuration from the project files and environment. - [DATA_EXFILTRATION]: The skill accesses personally identifiable information (PII) by reading the local Git configuration (
git config user.name,git config user.email). While this data is used for its intended purpose of populating the privacy policy, it constitutes unauthorized access to user identity data if the user is unaware. - [PROMPT_INJECTION]: The skill processes data from untrusted files, creating a surface for indirect prompt injection.
- Ingestion points: The skill reads content from
app/src/main/AndroidManifest.xml,app/src/main/res/values/strings.xml, andapp/build.gradle.kts. - Boundary markers: There are no boundary markers or instructions used to prevent the agent from interpreting malicious content embedded in these files.
- Capability inventory: The agent can execute shell commands (
grep,sed) and perform file system writes (docs/privacy-policy.md). - Sanitization: The skill lacks sanitization or validation logic for the strings extracted from project files before they are used in prompts or documentation.
Audit Metadata