writing-skills

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH
Tags: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • PROMPT_INJECTION (HIGH): The files CLAUDE_MD_TESTING.md and persuasion-principles.md function as a handbook for overriding AI agent behavior and safety filters. They include instructions designed to make an agent 'unable to rationalize away compliance' and use 'Authority' framing to 'eliminate decision fatigue and rationalization.' This is a meta-level injection technique aimed at systemic behavioral override.
  • COMMAND_EXECUTION (MEDIUM): The script render-graphs.js uses child_process.execSync to run the system dot command (Graphviz) on content extracted via regex from SKILL.md. Although the script passes the input via stdin rather than on the command line, executing an external binary on content parsed from markdown files presents a risk if that binary has vulnerabilities or if the parsing is subverted.
  • INDIRECT_PROMPT_INJECTION (HIGH): The skill's documentation variants (Variant C and D) are designed to be placed in CLAUDE.md to permanently alter the agent's operating instructions, specifically forcing it to prioritize external 'skills' over its own reasoning, creating a high-risk surface for subsequent malicious skill injection.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:12 AM