validate-binaries
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill identifies a version string from context and interpolates it into a shell command. Without sanitization, a malicious version string could trigger command injection. Ingestion points:
${VERSION}variable in Bash commands. Boundary markers: None present. Capability inventory: Bash tool usage forobjdumpandgrep. Sanitization: None provided in the instructions. - [Command Execution] (SAFE): The commands used (
objdump,grep) are standard diagnostic tools and are used here for the appropriate purpose of binary inspection.
Audit Metadata