benchmark-suite-creator
Warn
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (MEDIUM): The skill is designed to auto-activate based on user-supplied strings and perform tasks like generating code and configurations. * Ingestion points: User prompts containing 'benchmark suite creator' (SKILL.md). * Boundary markers: None identified. * Capability inventory: Bash, Write, Edit, Read (SKILL.md). * Sanitization: No sanitization or validation of the generated outputs against malicious input is described in the provided instructions.- [Command Execution] (LOW): The skill explicitly requests the 'Bash' tool. While no malicious scripts are included in this file, the combination of automated activation and command execution capabilities increases the potential impact of a prompt injection attack.
Audit Metadata