intent-framed-agent
Pass
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute
entire status 2>/dev/nullto check for tool availability. This is a low-risk, read-only status check used for environmental detection.\n- [EXTERNAL_DOWNLOADS]: The documentation includesnpx skills addcommands that fetch additional components from the author's verified repository (pskoett/pskoett-ai-skills). These represent standard installation procedures for the vendor's resources.\n- [PROMPT_INJECTION]: The workflow relies on user-provided input to define intent frames, creating a potential surface for indirect prompt injection. 1. Ingestion points: User cues like 'go ahead' and confirmation messages. 2. Boundary markers: The skill uses structured markdown headers (e.g., '## Intent Frame #N') to delimit blocks. 3. Capability inventory: The skill utilizes minimal command-line interaction for status checks. 4. Sanitization: The agent is directed to summarize input into a constrained template format, acting as a natural filter.
Audit Metadata