zephyr
Pass
Audited by Gen Agent Trust Hub on Mar 4, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the 'west' meta-tool via pip and utilize it to clone the Zephyr project source and modules from the official 'zephyrproject-rtos' GitHub organization. These are standard procedures for RTOS development.
- [COMMAND_EXECUTION]: The workflow involves several command-line operations including 'west build' for compilation, 'west flash' for hardware programming, and 'west debug' for interactive debugging. It also includes instructions for running host-based simulations using 'native_sim'.
- [PROMPT_INJECTION]: A potential surface for indirect prompt injection exists through the use of 'west' manifest files (west.yml), which define external project repositories. This allows for the ingestion of untrusted data that could influence the agent's workspace setup. Evidence Chain: 1. Ingestion points: 'west.yml' manifest configuration files (references/west-manifest.md). 2. Boundary markers: None identified in provided examples. 3. Capability inventory: Execution of shell commands via 'west' and 'pip', and local file system writes. 4. Sanitization: No validation of manifest content is mentioned.
Audit Metadata