ctf-writeup
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to use find and grep commands to scan the local filesystem for potential exploit scripts and flag strings. These commands are tailored to common CTF patterns and are used to gather data necessary for documentation.
- [PROMPT_INJECTION]: The skill processes content from local challenge files and scripts, which creates an indirect prompt injection surface. Ingestion points: local files and scripts identified during discovery. Boundary markers: none explicitly defined for ingested content. Capability inventory: filesystem read/write/edit via bash, and network tools (WebFetch, WebSearch). Sanitization: the skill lacks explicit sanitization of file content but mitigates risk through a detailed quality checklist and a strict output template.
Audit Metadata