add-command
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
Tags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run cargo check and cargo test. These commands execute the Rust compiler and test runner on the local system to verify the newly created command files.
- [PROMPT_INJECTION]: There is a risk of indirect prompt injection because the skill accepts user-provided command names and descriptions to generate source code. A malicious user could provide input designed to produce dangerous Rust code, such as code that performs unauthorized file access or network operations, which would then be executed during the cargo test phase.
- Ingestion points: User-supplied command name and functional description (SKILL.md).
- Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands in the user input.
- Capability inventory: The skill allows writing to the filesystem (src/commands/, src/main.rs, etc.) and executing shell commands (cargo).
- Sanitization: Absent; the skill does not include steps to validate or sanitize the user-provided logic before incorporating it into the Rust templates.
Audit Metadata