operator-theory
Pass
Audited by Gen Agent Trust Hub on Apr 5, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool and theuvPython manager to execute local utility scripts (z3_solve.py,sympy_compute.py) for mathematical verification and computation. This is the intended operational mode for the skill's problem-solving capabilities. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it accepts mathematical expressions as input and passes them to shell-based tools. * Ingestion points: Mathematical expressions passed as arguments to Z3 and Sympy scripts in
SKILL.md. * Boundary markers: Not present; user input is interpolated directly into command strings. * Capability inventory: The skill has explicit permission to use theBashtool to run commands. * Sanitization: The instruction set does not provide any logic for validating or escaping the input strings before execution.
Audit Metadata