Skills
skills/macho715/hvdc-codex-ops/hs-risk/Gen Agent Trust Hub

hs-risk

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (HIGH): The instructions in SKILL.md require executing PowerShell with the -ExecutionPolicy Bypass flag. This bypasses security controls meant to restrict script execution, potentially allowing unauthorized code to run.\n- [COMMAND_EXECUTION] (MEDIUM): The run.ps1 script executes an unverified local Python script tools/hvdc_ops.py. Without the source for this tool, the skill's full behavior cannot be audited for malicious activity.\n- [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection through its data ingestion process.\n
  • Ingestion points: data/items.csv is processed by the Python tool.\n
  • Boundary markers: No delimiters or safety instructions are used to separate untrusted data from agent logic.\n
  • Capability inventory: The skill can execute PowerShell, run Python scripts, and write to the filesystem (reports/hs_risk.md).\n
  • Sanitization: There is no evidence of data sanitization or validation in the provided instructions or script.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:48 PM