token-saver-context-compression

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Spawns pnpm and python subprocesses using spawnSync with shell: false. This approach ensures that arguments are not interpreted by a shell, effectively mitigating command injection vulnerabilities.
  • [PROMPT_INJECTION]: Features an indirect prompt injection surface due to the processing of untrusted data from the local file system. Malicious instructions embedded in files could influence the compression process or the generated memory records.
      • Ingestion points: main.cjs reads file paths and content from search results to build a context corpus.
      • Boundary markers: The skill lacks clear delimiters or instructions for the model to ignore prompts hidden within the ingested text.
      • Capability inventory: The tool has permissions to execute scripts and write results to the memory files used by the agent.
      • Sanitization: No content validation or sanitization is performed on the ingested data beyond basic ANSI code stripping.
  • [DATA_EXFILTRATION]: All operations are performed locally. No network-related commands or calls were found, ensuring that data exposure is confined to the project environment.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 18, 2026, 04:04 AM