linux-clipboard
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill establishes a vulnerability surface for indirect prompt injection.
- Ingestion points: The agent reads external data from the system clipboard using 'xclip -selection clipboard -o' and 'xsel --clipboard --output' (SKILL.md).
- Boundary markers: Absent. The skill does not provide delimiters or instructions for the agent to ignore or isolate potentially malicious instructions embedded in the clipboard content.
- Capability inventory: The skill executes shell commands (xclip, xsel) and includes examples for reading local file content via stdin redirection (SKILL.md).
- Sanitization: Absent. There is no evidence of filtering, escaping, or sanitizing the data ingested from the clipboard.
- [COMMAND_EXECUTION]: The skill relies on system-level command execution to interact with the clipboard and includes installation instructions that use 'sudo' with package managers (apt, dnf), which requires elevated permissions.
Audit Metadata