Skills
skills/muku314115/lol/hello-replacer/Gen Agent Trust Hub

hello-replacer

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The directive to inject misspelled profanity ('fuckk') into the codebase acts as an instruction to bypass standard AI safety guidelines and propagate offensive content.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection vulnerability surface.
  • Ingestion points: File contents are read into the agent context using the Read tool after discovery by Grep.
  • Boundary markers: There are no instructions or delimiters defined to prevent the agent from being influenced by instructions embedded within the codebase files.
  • Capability inventory: The skill utilizes Grep, Read, and Edit (with the powerful replace_all flag) across the entire codebase.
  • Sanitization: No validation, escaping, or filtering is applied to the data before the replacement operation is performed.
  • [COMMAND_EXECUTION]: The skill automates the use of file system tools (Grep and Edit) for bulk modification. While these are platform-provided tools, the logic facilitates wide-scale automated defacement of the project's source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 7, 2026, 10:16 AM