oh-interfaces-ipc-to-service
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
PROMPT_INJECTION
Full Analysis
- [Indirect Prompt Injection] (HIGH): The skill creates an attack surface where malicious user input can influence the generation of security-sensitive system code.
- Ingestion points: User-provided C++ interface declarations and authentication level specifications (Steps 1 and 2 in SKILL.md).
- Boundary markers: Absent. The instructions do not include delimiters or warnings for the agent to ignore potentially malicious logic embedded within the user's interface declaration.
- Capability inventory: The agent is instructed to modify multiple files across a Client/Service architecture, including the IPC Proxy, Stub, and, most critically, the IsExclusiveVerificat function in the access verifier script, which handles IsSystemCalling or IsFoundationCalling (Steps 6 and 7).
- Sanitization: Absent. While the skill asks the agent to check for C++17 syntax and style consistency, there are no instructions to validate or sanitize the logic of the user-provided code snippets before incorporating them into the system stubs and verifiers.
- [Metadata Poisoning] (LOW): The description accurately reflects the skill's purpose, but the instructional nature of the markdown body relies entirely on the agent's ability to safely interpret user-provided data for system-level modifications.
Recommendations
- AI detected serious security threats
Audit Metadata