Skills
skills/plurigrid/asi/wev-tesseract/Gen Agent Trust Hub

wev-tesseract

Warn

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • DATA_EXFILTRATION (MEDIUM): The skill contains logic to crawl the file system starting from the user's home directory. Specifically, the collapse-all-skills function accesses the HOME environment variable and uses listFiles() to enumerate directories and locate SKILL.md files.
  • Evidence: (str/replace dir "~" (System/getenv "HOME")) and .listFiles (java.io.File. expanded).
  • COMMAND_EXECUTION (LOW): The skill instructions include commands that execute local files using Babashka (bb) and the just task runner. This relies on the presence of a local script lib/wev_26_worlds.clj which is not provided in the snippet.
  • Evidence: bb lib/wev_26_worlds.clj, just wev-collapse.
  • INDIRECT_PROMPT_INJECTION (LOW): The skill is designed to ingest and process data from other SKILL.md files across the system. This creates a surface where a malicious skill file elsewhere on the machine could influence the agent's behavior during the 'collapse' protocol.
  • Ingestion points: SKILL.md files found in skill-dirs.
  • Boundary markers: Absent; the skill reads the file contents directly.
  • Capability inventory: File system enumeration, local script execution via bb.
  • Sanitization: None detected for the ingested file paths or metadata.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Feb 19, 2026, 03:08 PM