sc-index
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- Indirect Prompt Injection (HIGH): High risk due to the combination of untrusted data ingestion and file-system write permissions.
- Ingestion points: Reads code comments, README files, and project structures using 'Glob' and 'Grep' tools.
- Boundary markers: None specified; the skill lacks instructions for the agent to ignore or delimit embedded instructions in the source files.
- Capability inventory: Features the 'Write' tool for file creation and the 'Grep' and 'Glob' tools for exploring the filesystem.
- Sanitization: There is no mention of content sanitization or validation before the ingested data is processed or written to disk.
Recommendations
- AI detected serious security threats
Audit Metadata