dak
Warn
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the '@littlelittlecloud/dak-cli' package globally via npm and utilizes the '@littlelittlecloud/dak' TypeScript SDK.
- [COMMAND_EXECUTION]: The skill performs shell operations using the 'dak' CLI for search and retrieval, 'grep' for local file searching, and standard shell redirection for writing output summaries.
- [DATA_EXFILTRATION]: The skill connects to an external API endpoint at 'https://dak-news.com' to fetch news and social media feed data.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes large amounts of untrusted content from external news and social media sources. Malicious instructions embedded in these feeds could potentially influence the agent's behavior during the analysis and summarization process. * Ingestion points: External feed data retrieved through the 'dak' CLI in SKILL.md, daily-summary.md, and topic-summary.md. * Boundary markers: Absent. There are no instructions or delimiters to isolate the external content from the agent's logic. * Capability inventory: Subprocess execution of 'dak' and 'grep', as well as local file system writes for summary generation. * Sanitization: Absent. The skill does not define methods for validating or cleaning retrieved content before use.
Audit Metadata