meta-analysis
Fail
Audited by Gen Agent Trust Hub on Feb 15, 2026
Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill processes untrusted external datasets (effect sizes, study results) while having access to powerful tools like Bash and Write.
- Ingestion points: External data files or user input containing study results.
- Capability inventory: Use of Bash, Read, and Write tools.
- Boundary markers: Absent; no instructions to ignore embedded commands in study data.
- Sanitization: Absent; no validation logic for external content.
- [Command Execution] (MEDIUM): The skill requests the Bash tool in its metadata, which increases the impact of successful prompt injection through malicious study data.
Recommendations
- AI detected serious security threats
Audit Metadata