compress
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from
$ARGUMENTSor user input. This data is processed without boundary markers or sanitization, potentially allowing instructions within the text to influence agent behavior. * Ingestion points: Data from$ARGUMENTSor user-pasted instructions inSKILL.md. * Boundary markers: None present. * Capability inventory: File read and write operations described inSKILL.md. * Sanitization: None present. - [COMMAND_EXECUTION]: The skill instructions allow the agent to modify the filesystem by replacing files with compressed versions. This capability could be misused if an attacker provides sensitive file paths or uses indirect prompt injection to trick the agent into overwriting unintended files.
Audit Metadata