problem-solving-pro

Fail

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The prerequisites section of SKILL.md contains instructions that require administrative privileges (sudo apt install python3) to install dependencies on Linux-based systems.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through the following surface:
    • Ingestion points: User-provided problem descriptions are captured in SKILL.md (Step 2) and passed as raw arguments to scripts/search.py.
    • Boundary markers: Absent; there are no delimiters or instructions to the agent to treat the user input as untrusted data.
    • Capability inventory: The skill can execute local Python scripts, write persistent files to the filesystem (advisor.py), and execute system-level installation commands.
    • Sanitization: Absent at the agent-to-script boundary; the agent passes the raw user string directly into a command-line context.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 11, 2026, 03:46 PM