generate-interface-uml
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION, DATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): The skill instructs the agent to execute grep commands using strings provided by the user (Step 2). Risk: If interface names or reference parameters are not sanitized, an attacker can achieve shell command injection.
- [PROMPT_INJECTION] (HIGH): High risk of Indirect Prompt Injection (Category 8) due to codebase ingestion.
  1. Ingestion points: User inputs and codebase search results from Step 2.
  2. Boundary markers: Absent; search results are not delimited from instructions.
  3. Capability inventory: Local command execution (grep) and arbitrary file system write operations (Step 4).
  4. Sanitization: Absent; the skill does not validate content retrieved from the codebase.
  Risk: Malicious instructions in code comments could hijack the agent session.
- [DATA_EXFILTRATION] (MEDIUM): The skill's ability to recursively search the codebase and write output to arbitrary directories can be leveraged to expose sensitive local files.
Recommendations
- AI detected serious security threats
Audit Metadata