skills/othmanadi/apex/apex-tier2/Gen Agent Trust Hub

apex-tier2

Warn

Audited by Gen Agent Trust Hub on Mar 14, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs dynamic execution patterns in its validation scripts. Specifically, scripts/validate.sh uses the eval command and scripts/validate.ps1 uses Invoke-Expression to run project-specific validation tasks.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection (Category 8) because it executes commands derived from external project files without sanitization.
      • Ingestion points: Project configuration files including package.json, pyproject.toml, requirements.txt, go.mod, and Cargo.toml.
      • Boundary markers: None identified; instructions do not contain delimiters to ignore embedded commands in the target project.
      • Capability inventory: The skill can execute arbitrary shell commands via eval and Invoke-Expression, and uses npm, npx, pytest, go, cargo, and the GitHub CLI (gh).
      • Sanitization: No validation or escaping is performed on the command strings extracted from project configuration files before execution.
  • [COMMAND_EXECUTION]: The skill automatically generates and submits pull requests using the gh command-line tool, which involves executing external processes with potentially sensitive project data.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 14, 2026, 03:33 PM