Skills
skills/neversight/skills_feed/find-replace/Gen Agent Trust Hub

find-replace

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (MEDIUM): The skill processes untrusted data from files that could contain malicious instructions.
  • Ingestion points: Files read via rg (ripgrep) or cat for pattern matching and replacement.
  • Boundary markers: None present; the agent treats file content as raw data for regex processing.
  • Capability inventory: The skill uses the Bash tool to execute sd, which has file-write permissions, and rg, which can read arbitrary files.
  • Sanitization: No sanitization of file content is performed before processing.
  • Metadata Poisoning (LOW/INFO): The automated scan flagged logger.info as a malicious URL. This is a false positive; the string appears in a regex replacement example sd 'console\.log\((.*)\)' 'logger.info($1)' and is not a network location.
  • Command Execution (LOW): The skill requires and executes external CLI tools (sd, rg). While these are standard utilities, their use on untrusted file paths should be monitored.
Recommendations
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 09:19 AM