analyzing-text-sentiment
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUM
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: Functional Deception. The skill documentation in SKILL.md and the docstrings in the scripts claim the tool is for sentiment analysis and identifying emotional tone. However, the implementation in analyze_sentiment.py performs a directory-wide file system scan, aggregating file counts, sizes, and types. This discrepancy is misleading and could lead an agent to perform unintentional system reconnaissance.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface. The skill is designed to process external text and directory contents while possessing high-privilege capabilities.
  - Ingestion points: User-supplied text data and target directory paths (SKILL.md, scripts/analyze_sentiment.py).
  - Boundary markers: Absent; there are no instructions or delimiters to ignore embedded commands in the processed data.
  - Capability inventory: The skill is permitted to use Bash(cmd:*), Write, Read, and Grep (SKILL.md). The scripts perform recursive directory reads and file writes.
  - Sanitization: Absent; input data and file paths are processed without validation or filtering.
Audit Metadata