ai-automation-workflows

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: Indirect prompt injection vulnerability surface identified in several automation templates.
  • Ingestion points: The data_processing.sh template reads raw file content using cat, conditional_workflow.sh processes positional CLI arguments, and content_pipeline.sh chains outputs from one model into the next.
  • Boundary markers: None; the content is placed directly into the prompt strings.
  • Capability inventory: The skill uses the infsh CLI tool to interact with various models and tools, including web search (tavily/search-assistant).
  • Sanitization: The templates do not include logic for escaping or validating external content before it is processed by the AI models.
  • [COMMAND_EXECUTION]: The skill is centered on creating and executing shell and Python scripts to automate tasks. It uses subprocess.run in Python and direct bash execution to drive the infsh CLI tool and manage local files.
  • [EXTERNAL_DOWNLOADS]: The skill's documentation includes instructions to download additional components from the author's own ecosystem (e.g., npx skills add inference-sh/skills@agent-tools). These are recognized as legitimate vendor resources from the skill author.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 10, 2026, 09:32 PM