prompt-recommendation
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION] (HIGH): File 'references/目录结构统计与排序Prompt.md' instructs the agent to execute shell commands via 'run_terminal_cmd'. This includes file system searches ('find') and file renaming ('mv'). While it advises using quotes for safety, executing shell commands based on dynamic, potentially untrusted folder names is a significant security risk.
- [PROMPT_INJECTION] (HIGH): The skill is susceptible to indirect prompt injection. An attacker could create a folder whose name contains shell metacharacters so that arbitrary code is executed when the statistics tool processes the directory tree. Ingestion points: local directory names and paths. Boundary markers: none. Capability inventory: shell command execution and file system modification. Sanitization: none; the skill relies solely on the agent following natural-language instructions to handle special characters.
Recommendations
- AI detected serious security threats
Audit Metadata