ljg-roundtable

Pass

Audited by Gen Agent Trust Hub on Apr 17, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill takes an arbitrary user-defined topic and has personas debate it, so any text placed in the topic reaches the model as part of its instructions. That is an indirect prompt-injection surface: a crafted topic can steer the agent's behaviour, and nothing in the skill separates the topic (data) from the skill's own instructions.
    • Ingestion points: the user topic, extracted in Step 2 of SKILL.md.
    • Boundary markers: absent (the topic is not delimited or declared as untrusted data).
    • Capability inventory: local command execution (`date`) and file writing under ~/Documents/notes/.
    • Sanitization: absent.
  • [COMMAND_EXECUTION]: The skill has the agent run the system `date` command to timestamp its log entries. The command takes no user-controlled arguments, so on its own this is low risk.
  • [COMMAND_EXECUTION]: The skill has the agent write the full discussion log to a file under ~/Documents/notes/. The filename is built in part from the user-supplied topic keywords (议题关键词 in SKILL.md). Because those keywords are not sanitized, a value containing path separators or `..` components can move the write outside ~/Documents/notes/ or overwrite an existing file unless the agent checks the resolved path before writing.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 17, 2026, 01:45 PM