generate-mocs

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill triggers subprocess calls to execute local Python scripts (generate_concept_mocs.py and generate_paper_mocs.py) and performs Git operations (add, commit, push) to synchronize vault changes.
  • [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) because it ingests data from local configuration files that directly influence subsequent command-line execution and environment variables.
      • Ingestion points: The skill reads ../_shared/user-config.json and ../_shared/user-config.local.json to define variables like VAULT_PATH and NOTES_PATH.
      • Boundary markers: No specific delimiters or safety instructions are present to prevent malicious data in the configuration files from altering agent behavior.
      • Capability inventory: Includes file system reads, Python script execution, and Git network operations.
      • Sanitization: No validation or sanitization of the configuration file content is performed before use in subprocess calls.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 02:29 AM