okr-tracker-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGHNO_CODECOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill requests powerful tools (Bash, Write, Edit, Read) for OKR-related tasks but provides no sanitization logic or boundary markers. This creates a significant vulnerability where untrusted data could manipulate the agent into executing arbitrary commands. * Ingestion points: User input and potential external OKR data files. * Boundary markers: Absent. * Capability inventory: Bash and Write tools allow for full system access and file modification. * Sanitization: Absent.
- [No Code] (INFO): The skill contains only metadata and markdown with no functional scripts. All execution relies on the agent's autonomous use of requested high-privilege tools based on the broad purpose described.
Recommendations
- AI detected serious security threats
Audit Metadata