edit
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes vendor-specific CLI commands mthds-agent and mthds for file validation and execution. This is core functionality for the mthds-ai vendor ecosystem.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection. Ingestion points: Reads .mthds files in Step 1. Boundary markers: No explicit delimiters or instructions to ignore embedded instructions are present in the file parsing phase. Capability inventory: Execution of local CLI commands mthds-agent and mthds in Steps 4, 5, and 6. Sanitization: No sanitization of the content from ingested .mthds files is performed prior to processing.
Audit Metadata