devrel-content
Warn
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: MEDIUM
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The 'Technical Accuracy Checklist' in `SKILL.md` instructs the agent to 'Copy-paste every snippet and run it' and 'Run every CLI command' to verify accuracy. This is a directive to execute arbitrary, dynamically generated code and system commands, which poses a significant security risk if the agent has shell access.
- [DATA_EXFILTRATION]: The skill requires reading a local context file at `.agents/developer-audience-context.md`. While used for configuration, this pattern of accessing specific files on the local filesystem increases the data exposure surface.
- [PROMPT_INJECTION]: The skill is designed to ingest and process data from external research sources (like Reddit or Hacker News) and local files, which presents a surface for indirect prompt injection.
  - Ingestion points: Reads `.agents/developer-audience-context.md` and research data from community platforms.
  - Boundary markers: No explicit delimiters or instructions to ignore embedded commands are provided for these inputs.
  - Capability inventory: The skill allows for file system reads and the execution of shell commands.
  - Sanitization: No sanitization or validation of external or local input data is described.
Audit Metadata