run
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the `mthds-agent` CLI to perform several operations. These include fetching input schemas with `mthds-agent pipelex inputs` and executing pipelines using `mthds-agent pipelex run pipe`. The commands are used to process local bundles and manage workflow execution.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it processes untrusted data provided by users.
  - Ingestion points: Data is ingested through the `inputs.json` file located in the bundle directory or via the `--inputs` JSON flag in the command line.
  - Boundary markers: No specific boundary markers or 'ignore' instructions are defined within the skill to isolate untrusted content from the pipeline execution context.
  - Capability inventory: The skill triggers shell command execution through the `mthds-agent` tool and performs file system operations (writing `live_run.json` and `.html` files).
  - Sanitization: The instructions do not describe any sanitization or validation of the input data before it is passed to the execution tool.
Audit Metadata