ljg-rank
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the system
dateutility to generate formatted timestamps for file naming and logging purposes. This is a standard administrative operation and does not involve passing untrusted user input to the shell.- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection as it ingests and processes data from user-managed local files and external domain inputs to build its reasoning context. - Ingestion points: Reads content from local files including
~/Documents/know/soul.md,~/Documents/know/memory.md, and~/Documents/know/concepts.org, as well as user-provided domain strings. - Boundary markers: The instructions do not define specific delimiters or security headers to separate ingested content from system instructions.
- Capability inventory: The skill has the ability to read and write files within the user's document directory and execute the
datecommand. - Sanitization: There is no evidence of validation or sanitization of the content retrieved from local files before it is processed by the agent.
Audit Metadata