findall
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSNO_CODE
Full Analysis
- Unverifiable Dependencies (MEDIUM): The skill instructs the user to install an external package
findall-clivia npm (npm install -g findall-cli). This package is not from a trusted organization or repository defined in the security policy, posing a risk of supply chain attack or execution of unvetted code. - Indirect Prompt Injection (LOW): The skill accepts untrusted natural language input through the
<objective>argument which is then processed by a "generator" (LLM tier). - Ingestion points: The
<objective>string passed to thefindall runcommand inSKILL.md. - Boundary markers: Absent. There are no instructions provided to the agent or the tool to delimit the user objective or ignore potentially malicious instructions embedded within the search criteria.
- Capability inventory: The CLI tool performs entity discovery and writes results to the local file system (
matches.json,matches.csv, etc.). - Sanitization: Absent. No evidence of input validation or instruction filtering is present in the skill definition.
Audit Metadata