add-command
Warn
Audited by Gen Agent Trust Hub on Mar 5, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions require the agent to execute a user-provided command string ($ARGUMENTS) with the --help flag and within the man command. This pattern is susceptible to command injection if the user input contains shell metacharacters.
- [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection by ingesting untrusted data from local tldr pages and command outputs.
  - Ingestion points: Files in ~/source/tldr/pages/ and the stdout of $ARGUMENTS --help.
  - Boundary markers: None identified.
  - Capability inventory: The agent executes shell commands (ls, cat, just) and writes Python source files.
  - Sanitization: No validation or sanitization of external content is performed.
Audit Metadata