baoyu-slide-deck

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The system instructions include a directive to bypass safety refusals for copyrighted or sensitive figures by generating stylistically similar alternatives instead of refusing the request.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection. Ingestion points: source.md (user-provided content). Boundary markers: Absent. Capability inventory: bash (executing conversion scripts). Sanitization: Absent.
  • [COMMAND_EXECUTION]: The skill utilizes the bash tool to verify local configuration files (EXTEND.md) and to execute TypeScript conversion scripts using the bun runtime.
  • [EXTERNAL_DOWNLOADS]: The skill uses npx to execute scripts, which may involve downloading runtimes or library dependencies from the npm registry if they are not already cached.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 12, 2026, 07:52 AM