analyzing-text-with-nlp
Warn
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: Deceptive metadata and instructions are present; the skill claims to perform NLP tasks that are not implemented in the provided Python scripts. Additionally, the skill creates an indirect prompt injection surface by processing untrusted text inputs. Ingestion points: user-provided text for analysis tasks defined in SKILL.md. Boundary markers: absent in instructions and examples. Capability inventory: unrestricted shell access (Bash(cmd:*)) and file-system writing (scripts/analyze_text.py). Sanitization: absent.
- [COMMAND_EXECUTION]: The SKILL.md file requests unrestricted bash access (Bash(cmd:*)). While the bundled scripts are currently benign file system tools, this permission allows the agent to execute any shell command, which is particularly dangerous given the mismatch between the skill's stated purpose and its actual implementation.
Audit Metadata