shell-prompt
Warn
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [Command Execution] (MEDIUM): Documentation in `references/performance-tuning.md` includes a `sudo` command to modify system kernel parameters in `/etc/sysctl.conf`. It also recommends modifying shell startup files (`~/.zshrc`) to load external code, which is a persistence mechanism. The benchmarking script `scripts/benchmark-prompt.zsh` executes the interactive shell environment to measure startup latency.
- [External Downloads] (LOW): Multiple files recommend cloning repositories from GitHub accounts not on the Trusted External Sources list, including `romkatv/zsh-bench`, `romkatv/powerlevel10k`, and `softmoth/zsh-vim-mode`. While common in the shell customization community, these are unverifiable third-party sources.
- [Indirect Prompt Injection] (LOW): The script `scripts/benchmark-prompt.zsh` ingests output from external tools like `git status` and `starship timings` without explicit sanitization.
  1. Ingestion points: `detect_prompt`, `git status` output in `benchmark-prompt.zsh`.
  2. Boundary markers: Absent.
  3. Capability inventory: Local command execution and file reads.
  4. Sanitization: None.
Audit Metadata