community-status
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
- [PROMPT_INJECTION] (HIGH): The skill uses high-priority instructions ('IMPORTANT', 'do not just show status') to override the agent's behavior and force it into a 'Bootstrap Ritual' defined in an external file (CLAUDE.md) if certain conditions are met. This is a behavioral redirection that could be used to manipulate agent persona or operations.
- [COMMAND_EXECUTION] (MEDIUM): Executes local Python scripts (community_status.py, persona_status.py) via shell. These scripts interact with configuration files and data synced from Discord and Telegram, which are externally controlled platforms, creating a potential vector for indirect injection.
- [EXTERNAL_SCAN_ALERT] (HIGH): Automated scanners identified a malicious/blacklisted URL associated with the PROFILE.md file mentioned in the skill. This file is central to the skill's execution and status reporting, suggesting it may contain malicious content or exfiltration markers.
- [DATA_EXPOSURE] (LOW): The skill's status output reveals internal filesystem paths to sensitive configuration and data files to the agent context.
Recommendations
- AI detected serious security threats
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata