visual-audit

Fail

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION
Full Analysis
  • COMMAND_EXECUTION (HIGH): The skill instructions interpolate the user-provided argument directly into a shell command, quarto render Quarto/$ARGUMENTS. The resulting string is parsed by a shell, so an argument containing metacharacters such as ;, |, &&, backticks or $(...) injects arbitrary commands; the filename is neither allow-listed nor quoted.
  • REMOTE_CODE_EXECUTION (MEDIUM): Auditing .qmd or .tex files requires rendering or compiling them. Quarto executes the code chunks embedded in a .qmd during render, and a TeX compile evaluates the document's macros, so untrusted input files handed to the skill can run arbitrary code on the host.
  • PROMPT_INJECTION (LOW): The skill processes external files without sanitization or boundary markers, so instructions embedded in those files can steer the agent (indirect prompt injection). Evidence chain:
    1. Ingestion points: .qmd and .tex files read via the Read, Grep and Glob tools.
    2. Boundary markers: absent.
    3. Capability inventory: Task tool (shell execution), Write tool (file modification), and the rendering engines the skill invokes.
    4. Sanitization: none.
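The COMMAND_EXECUTION finding above, shown as a runnable POSIX sh example added here; it is not code from the audited skill or from Gen Agent Trust Hub. The real quarto binary is replaced by a stub function so the script runs offline, and eval stands in for the agent's shell tool re-parsing the interpolated command string (both are assumptions of this example). render_unsafe reproduces the skill's pattern; render_safe is one hardened form that allow-lists the filename and passes it as a single argv entry.

```shell
#!/bin/sh
# Stub standing in for the real quarto binary so the example runs offline
# (assumption: the real binary would render the given file; the stub only
# reports the argv it received).
quarto() {
  printf 'quarto argv:'
  for a in "$@"; do printf ' [%s]' "$a"; done
  printf '\n'
}

# Vulnerable form, as written in the skill: the argument is spliced into a
# command string that a shell then re-parses. eval models the agent's shell
# tool executing the interpolated string (assumption of this example).
render_unsafe() {
  ARGUMENTS="$1"
  eval "quarto render Quarto/$ARGUMENTS"
}

# Hardened form: allow-list the characters of the filename, reject empty and
# hidden names, require the .qmd extension, and hand the path to quarto as one
# argv entry (quoted), so it is never re-parsed as a second command.
render_safe() {
  arg="$1"
  case "$arg" in
    ''|.*|*[!A-Za-z0-9._-]*)
      printf 'rejected argument: %s\n' "$arg" >&2; return 1 ;;
  esac
  case "$arg" in
    *.qmd) ;;
    *) printf 'rejected: not a .qmd file: %s\n' "$arg" >&2; return 1 ;;
  esac
  quarto render "Quarto/$arg"
}

# Demonstration: the same constructed payload against both forms.
payload='report.qmd; echo INJECTED'
printf '%s\n' '--- unsafe: the payload runs a second command ---'
render_unsafe "$payload"
printf '%s\n' '--- safe: the payload is rejected before any shell sees it ---'
render_safe "$payload" || true
printf '%s\n' '--- safe: a well-formed name is rendered ---'
render_safe 'report.qmd'
```

The allow-list rejects the slash, so path traversal out of the Quarto/ directory is blocked as a side effect; the quoted "Quarto/$arg" means that even a permitted character like a space could not split the argument. Allow-listing is preferable to escaping metacharacters because the set of characters a future shell or tool treats specially is open-ended.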
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 19, 2026, 07:51 AM