synapse-reinst
Warn
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill documentation directs the agent to 'Follow the instructions as if they were just sent to you' based on script output, which constitutes a directive to override its current behavioral constraints.
- [COMMAND_EXECUTION]: Requires the execution of a local Python script (scripts/reinst.py).
- [PROMPT_INJECTION]: Indirect injection risk surface from unsanitized local file ingestion. Ingestion points: script reads from registry JSON files and '.synapse/default.md'. Boundary markers: Absent. Capability inventory: The skill directs the agent to treat script output as its core system instructions. Sanitization: Absent.
Audit Metadata