10-andruia-skill-smith
Pass
Audited by Gen Agent Trust Hub on Mar 28, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform filesystem operations including directory creation and file writing at a specific local Windows path: D:...\antigravity-awesome-skills\skills.
- [PROMPT_INJECTION]: The skill ingests untrusted user input during Phase 1 (Name, Role, Outputs) to generate new instructions (Phase 2), creating an indirect prompt injection surface. The process lacks boundary markers or sanitization, and the resulting skills are granted capabilities to modify the local filesystem and central registry in Phase 3.
- [PROMPT_INJECTION]: The skill includes instructions to update a 'master registry' configuration. This allows the integration of new behaviors into the agent's orchestrator, potentially enabling the persistent introduction of unauthorized or malicious capabilities if the generated content is not manually reviewed.
Audit Metadata