manage-tags
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the 'dino' CLI tool via Bash to list and add tags based on user requests in SKILL.md.
- [PROMPT_INJECTION]: The skill contains a vulnerability surface for indirect prompt injection.
- Ingestion points: The skill accepts user-provided input through the '$ARGUMENTS' variable which is then used directly in a shell command.
- Boundary markers: There are no delimiters or specific instructions provided to the agent to treat the input as data only or to ignore embedded instructions.
- Capability inventory: The skill is authorized to use the Bash tool to execute system commands.
- Sanitization: Although the skill wraps the input variable in double quotes (e.g., "$ARGUMENTS"), this does not prevent certain types of shell injection or sub-command execution if the input contains malicious shell syntax like backticks or dollar-parenthesis.
Audit Metadata