mgrep
Pass
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: LOWPROMPT_INJECTIONNO_CODE
Full Analysis
- Prompt Injection (LOW): The skill contains directives that attempt to override the agent's default tool selection logic, explicitly instructing it to 'always' use this tool and 'not use grep'. This is a steering technique to bypass trusted system utilities.
- NO_CODE (INFO): No source code, binaries, or installation scripts are provided. The functional safety of the referenced 'mgrep' command cannot be assessed from the skill definition alone.
- Indirect Prompt Injection (LOW): The skill describes a tool for processing local file content, which creates an ingestion surface for untrusted data. Ingestion points: Local files via search queries. Boundary markers: None provided in the instructions. Capability inventory: Searching and retrieving lines from local files. Sanitization: None. There is a risk that malicious instructions within searched files could influence the agent's reasoning.
Audit Metadata