baoyu-infographic
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes bash commands (test -f) to detect configuration files (EXTEND.md) in the project and home directories.
- [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection.
  - Ingestion points: Reads untrusted source content from file paths or user input in Step 1.2.
  - Boundary markers: Employs markdown structure in generated prompts but lacks specific instructions to ignore embedded commands.
  - Capability inventory: Capable of file system read/write/rename operations and calling external image generation tools.
  - Sanitization: Mandates verbatim preservation of input data, preventing filtering of malicious instructions.
Audit Metadata