rust-daily
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The execution block attempts path traversal by reading '../../agents/rust-daily-reporter.md'. This command accesses files outside the skill's defined directory structure, which is a significant security violation that could expose sensitive agent configuration or internal instructions.
- [PROMPT_INJECTION] (MEDIUM): The skill is vulnerable to Indirect Prompt Injection (Category 8) because it processes untrusted data from external sources. (1) Ingestion points: external web content from Reddit and community blogs (SKILL.md). (2) Boundary markers: absent. (3) Capability inventory: spawns a general-purpose subagent to process the downloaded content. (4) Sanitization: none detected. This allows malicious instructions embedded in web content to influence the subagent's behavior.
- [EXTERNAL_DOWNLOADS] (LOW): The skill is configured to fetch data from various external domains. While most are official Rust sources, the inclusion of community-driven sites like Reddit increases the risk of ingesting malicious or manipulated content.
Recommendations
- AI detected serious security threats