import-command
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFE PROMPT_INJECTION NO_CODE
Full Analysis
- [PROMPT_INJECTION] (LOW): Indirect Prompt Injection surface detected. The skill processes external file content from `.cursor/commands/` which could contain malicious instructions designed to hijack the agent's behavior during the conversion process.
  - Ingestion points: `.cursor/commands/<command-name>.md` (File read operation).
  - Boundary markers: Absent. The skill does not provide instructions to the agent to treat the input files strictly as data or to ignore embedded instructions.
  - Capability inventory: The agent can create new files in `.claude/skills/` and modify `CLAUDE.md`.
  - Sanitization: Absent. No validation or escaping of the input content is specified.
  - Mitigation: The skill includes a human-in-the-loop 'Present for Approval' step (Step 6) before any files are created, which mitigates the risk of automated exploitation.
- [NO_CODE] (SAFE): No executable scripts, binaries, or shell commands are included in the skill. All operations are carried out via natural language instructions to the AI agent.