tautulli
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The SKILL.md file uses coercive language to override agent behavior, including '⚠️ MANDATORY SKILL INVOCATION ⚠️', 'YOU MUST invoke this skill (NOT optional)', and 'Failure to invoke this skill when triggers occur violates your operational requirements'.
- [COMMAND_EXECUTION]: The skill utilizes a bash script (scripts/tautulli-api.sh) to fetch and process data from a remote API, creating a vulnerability surface for indirect prompt injection.
- Ingestion points: Data is ingested from the Tautulli API responses via the scripts/tautulli-api.sh script.
- Boundary markers: No explicit delimiters or markers are used to separate potentially attacker-controlled API data from the agent's instructions.
- Capability inventory: The skill can execute network requests and shell commands via curl and bash.
- Sanitization: The script does not perform any sanitization or validation of the API-returned content (such as media titles or user friendly names) before it is passed to the agent for processing.
Audit Metadata