peon-ping-use
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell and PowerShell scripts (e.g., peon.sh) to list available voice packs and update configurations. These operations are restricted to the vendor-specific subdirectories within the agent's configuration folder.
- [INDIRECT_PROMPT_INJECTION]: The skill processes user-supplied voice pack names to update session state. Ingestion points: User input via the /peon-ping-use command in SKILL.md. Boundary markers: The instructions advise the agent to validate the requested pack against an inventory of installed packs. Capability inventory: The skill reads/writes JSON configuration files and executes local scripts. Sanitization: Manual fallback steps include a verification phase to ensure the pack exists before processing the request.
Audit Metadata