undetectable-ai

Fail

Audited by Gen Agent Trust Hub on Feb 14, 2026

Risk Level: HIGH (PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • Indirect Prompt Injection (HIGH): Vulnerability surface detected where untrusted external text is processed by an agent with high-privilege tool access.
      • Ingestion points: Input text is read from files or standard input using fs.readFileSync in scripts/analyze.ts and scripts/transform.ts.
      • Boundary markers: The skill does not implement any delimiters or defensive prompts to distinguish between data and instructions within the ingested text.
      • Capability inventory: The SKILL.md frontmatter authorizes the use of Shell, Read, Write, StrReplace, and Glob tools.
      • Sanitization: No security-focused sanitization is performed on input text; the transformation logic focuses purely on stylistic regex replacements for AI-detection evasion.
  • Command Execution (MEDIUM): The skill documentation encourages use of the Shell tool for installation and execution of TypeScript scripts. This capability provides a vector for system compromise if the agent's instructions are overridden via data processed from external files.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 14, 2026, 04:45 PM