risk-assessment-creator
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, NO_CODE)
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill defines a vulnerability surface for indirect prompt injection by requesting high-privilege capabilities to process untrusted external content.
  - Ingestion points: Activates on user requests or enterprise documents containing the phrase 'risk assessment creator'.
  - Boundary markers: Absent. No delimiters or instructions are provided to distinguish between user data and agent instructions.
  - Capability inventory: Explicitly requests Bash, Write, Edit, and Read tools, enabling system execution and file system modification.
  - Sanitization: Absent. There are no mechanisms described to sanitize or validate inputs before they are used to generate code or configurations.
- [Command Execution] (HIGH): The skill metadata requests access to the Bash tool, granting the agent the capability to run arbitrary shell commands. Without visible code, the implementation of this power cannot be audited for safety.
- [No Code] (LOW): The skill consists entirely of metadata and documentation without any executable scripts or logic. While not inherently malicious, the lack of transparency combined with high-privilege tool requests is a significant security concern.
Recommendations
- AI detected serious security threats
Audit Metadata