wsl
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches Linux distribution images from Microsoft's official repositories via the 'wsl --install' command. This is a core management function and targets a well-known, trusted source.
- [COMMAND_EXECUTION]: Provides the capability to execute arbitrary Linux commands on the host system using the 'wsl' interface. While it includes specific safety rules against dangerous commands like 'rm -rf /', the agent still maintains high-impact access to system utilities and development tools.
- [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection. Ingestion points: The agent processes data from the local filesystem through commands such as 'wsl -- cat' and 'wsl -- grep' on paths like '/mnt/c/'. Boundary markers: There are no explicit delimiters or safety instructions to distinguish between data and potential malicious instructions within those files. Capability inventory: The agent can execute a wide range of shell commands and access the Windows host filesystem via mount points. Sanitization: No evidence of sanitization or validation of file contents exists before the data is processed by the agent.
Audit Metadata