skills/jmagar/claude-homelab/glances/Gen Agent Trust Hub

glances

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The SKILL.md file contains prescriptive instructions attempting to override agent decision-making logic. It uses language such as 'MANDATORY SKILL INVOCATION', 'YOU MUST invoke this skill (NOT optional)', and 'Failure to invoke this skill... violates your operational requirements' to ensure the agent prioritizes this skill over others.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data from the Glances API.
      • Ingestion points: Data enters the agent context through API responses fetched via curl in 'scripts/glances-api.sh'.
      • Boundary markers: The skill does not use delimiters or explicit 'ignore embedded instructions' warnings when returning API data to the agent.
      • Capability inventory: The agent can execute shell commands via the zsh-tool as described in the SKILL.md requirements.
      • Sanitization: The script uses jq to structure the data, but no sanitization or filtering of the actual content (e.g., process command lines or container names) is performed before it is provided to the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 7, 2026, 05:32 PM