war-room

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Executes the local bash script 'init_war_room.sh' to initialize the directory structure and templates for new projects.
  • [COMMAND_EXECUTION]: Utilizes system-level commands 'open' on macOS and 'xdg-open' on Linux to display generated documents and visual artifacts to the operator.
  • [PROMPT_INJECTION]: The skill features a multi-agent architecture that ingests user-provided project briefs, which presents a surface for indirect prompt injection.
    1. Ingestion points: Untrusted data enters via 'BRIEF.md' and shared 'comms/' files.
    2. Boundary markers: The briefing template for subagents lacks explicit delimiters or instructions to ignore embedded commands.
    3. Capability inventory: Agents have access to the local filesystem and the platform's cron API for session continuity.
    4. Sanitization: No sanitization is performed on input markdown data before it is processed by the agent waves.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 11, 2026, 05:33 AM