peon-ping-log
Warn
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the AI agent to execute a local shell script located at ~/.claude/hooks/peon-ping/peon.sh using the bash tool to perform logging tasks.
- [PROMPT_INJECTION]: The skill is vulnerable to command injection because it interpolates unvalidated user input directly into a shell command string. A user could provide input containing shell metacharacters (e.g., ;, &&, |) to execute arbitrary code instead of just logging numbers.
- [PROMPT_INJECTION]: Mandatory evidence chain for Category 8 risk:
  1. Ingestion points: User-provided values for rep count and exercise type enter the context via natural language commands.
  2. Boundary markers: Absent; there are no delimiters or instructions to treat user input as untrusted data within the shell command.
  3. Capability inventory: The agent is granted the ability to execute arbitrary shell commands through the bash tool.
  4. Sanitization: Absent; the skill provides no instructions for the agent to validate, escape, or filter the user input before processing.