Skills
skills/lijigang/ljg-skill-xray-article/ljg-xray-article/Gen Agent Trust Hub

ljg-xray-article

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute specific system commands.
  • It executes date +%Y%m%dT%H%M%S to generate a timestamp for file naming.
  • It executes open ~/Documents/notes/{文件名} to display the generated report to the user.
  • [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection (Category 8) due to its core functionality of processing external data.
  • Ingestion points: The skill fetches content from user-provided URLs using the WebFetch tool in Step 1.
  • Boundary markers: The instructions do not include specific delimiters or warnings to the agent to disregard instructions that might be embedded within the fetched article content.
  • Capability inventory: The skill possesses file-writing capabilities (via the Write tool to the ~/Documents/notes/ directory) and shell execution capabilities (bash).
  • Sanitization: There is no explicit logic described to sanitize or escape the content retrieved from external sources before it is analyzed or included in the generated report.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 04:59 AM