cron-scheduling
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides comprehensive instructions for executing arbitrary commands via crontab, systemctl, and at.
- [COMMAND_EXECUTION]: Includes a Bash wrapper script (cron-wrapper.sh) that executes commands provided as arguments.
- [COMMAND_EXECUTION]: Documents methods for performing privileged operations using sudo, such as managing system-wide timers and other users' scheduled tasks.
- [PROMPT_INJECTION]: Debugging instructions involve reading system logs (syslog, journalctl), which presents an indirect prompt injection surface where malicious log content could influence agent behavior.
- Ingestion points: System log files (/var/log/syslog, /var/log/cron) and journalctl output (SKILL.md).
- Boundary markers: No markers or instructions to ignore embedded commands are included when reading logs.
- Capability inventory: Full subprocess execution via scheduling tools like crontab and at (SKILL.md).
- Sanitization: No sanitization or validation of log content is implemented before processing.
Audit Metadata