prompt-hardening

Fail

Audited by Gen Agent Trust Hub on Apr 8, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The shell script located at 'scripts/audit.sh' contains a critical command injection vulnerability. The script reads the content of a user-provided file into the 'CONTENT' and 'LOWER' variables and then passes these variables into a string that is executed as a command via 'if $1'. Because the variables are not properly sanitized and are used within a command execution context, an attacker can include shell metacharacters such as backticks or '$(command)' within a prompt file to execute arbitrary commands on the system.
  • [DATA_EXFILTRATION]: The command injection vulnerability in 'scripts/audit.sh' can be leveraged to exfiltrate sensitive data. An attacker could craft a prompt file that, when processed by the audit script, executes commands to send environment variables, local configuration files, or other sensitive system data to an external server.
  • [PROMPT_INJECTION]: The skill's metadata (triggers and description) includes explicit references to 'ignore rules', 'bypass constraints', and 'creative circumvention'. While these terms are used within the context of a tool designed to prevent such behaviors, they match known prompt injection patterns used to override agent constraints.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Apr 8, 2026, 03:25 AM