error-detective
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (DATA_EXFILTRATION, PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- Data Exposure & Exfiltration (HIGH): The skill provides commands to read system logs at /var/log/app.log. These files frequently contain sensitive information such as PII, session tokens, internal IP addresses, and file paths.
- Indirect Prompt Injection (MEDIUM): The skill processes untrusted log data which may contain attacker-controlled content.
  1. Ingestion points: File /var/log/app.log and variable log_content in the Python parser script.
  2. Boundary markers: Absent. No delimiters or instructions are used to distinguish log data from agent instructions.
  3. Capability inventory: Read-only shell commands (grep, awk, tail) and Python-based regex parsing. No file-write or network capabilities are present in the provided scripts.
  4. Sanitization: Absent. No filtering or escaping is performed on the ingested log content.
- Command Execution (LOW): The skill relies on shell commands for its core functionality. While the provided examples are read-only, the underlying capability to execute shell commands could be abused if the agent is coerced into running arbitrary commands.
Recommendations
- AI detected serious security threats
Audit Metadata