peon-ping-use
Pass
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The manual fallback instructions describe running a local shell script (
peon.sh) located within the vendor's configuration directory (~/.claude/hooks/peon-ping/). - [PROMPT_INJECTION]: The skill relies on extracting a voice pack name from user input to update configuration files and execute shell commands. This creates an indirect prompt injection surface (Category 8) where malicious user input could attempt to escape the command context, although the instructions include a verification step to mitigate this risk.
- Ingestion points: User-provided voice pack name (e.g.,
/peon-ping-use <packname>). - Boundary markers: None explicitly defined for the shell command construction.
- Capability inventory: File reading/writing (JSON config/state) and shell script execution (
bash peon.sh). - Sanitization: The instructions advise the agent to "verify the requested pack exists" before execution.
Audit Metadata