example-argument-substitution
Warn
Audited by Gen Agent Trust Hub on Apr 28, 2026
Risk Level: MEDIUMCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The file
SKILL.mdutilizes dynamic context injection (the!`command`syntax) to execute shell commands at the moment the skill is loaded. The specific command!`echo "Loaded at $(date '+%Y-%m-%dT%H:%M:%S') — first arg is: $0"`interpolates the raw user argument$0directly into a shell string. - [COMMAND_EXECUTION]: This pattern is highly susceptible to shell command injection. Since the platform executes the shell command after argument substitution, a user could provide an argument containing shell metacharacters such as semicolons, pipe symbols, or backticks (e.g.,
/example-argument-substitution "; touch /tmp/unsafe; #") to execute arbitrary code on the underlying host system. - [COMMAND_EXECUTION]: While the skill is intended as an educational test harness for understanding argument substitution, it provides a functional example of an insecure implementation that bypasses standard safety boundaries by executing unvalidated user input in a shell context.
Audit Metadata