sprites
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (LOW): The skill instructs the agent on using the 'sprite' CLI for local and remote command execution. As this is the core utility of the skill, the severity is lowered per the primary purpose rule.
- PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8) because it processes untrusted data from remote VMs.
  - Ingestion points: Standard output/error from 'sprite exec' and VM file contents pulled via cat/base64.
  - Boundary markers: No instructions are provided to the agent to treat VM output as untrusted or to use delimiters to separate instructions from data.
  - Capability inventory: The skill enables remote shell execution, VM lifecycle management, and network policy modification.
  - Sanitization: There is no evidence of sanitization or validation of data retrieved from the remote environment before it is processed by the agent.
Audit Metadata