smoke-test
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes the
Bashtool to run CLI commands, managesystemctl --userservices, and send signals. While these are high-privilege capabilities, they are consistent with the skill's stated purpose of 'smoke testing' a local build. - DATA_EXFILTRATION (LOW): The skill is explicitly authorized to read clipboard contents and configuration files. This access is required for verifying transcription and backup features but introduces a risk if the agent is diverted to access sensitive data outside the testing scope.
- PROMPT_INJECTION (LOW): Indirect Prompt Injection Surface: The skill follows instructions located in
docs/SMOKE_TESTS.md. If an attacker can modify this local file, they can trick the agent into executing malicious Bash commands. - Ingestion points:
docs/SMOKE_TESTS.mdvia theReadtool. - Boundary markers: Absent.
- Capability inventory:
Bashtool allows full shell access, signal sending, and service manipulation. - Sanitization: Absent; the agent is instructed to run the procedures found in the document directly.
Audit Metadata