Skills
skills/salavender/antigravity-compound-engineering-plugin/file-todos/Gen Agent Trust Hub

file-todos

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION] (HIGH): The skill exhibits a Category 8 vulnerability (Indirect Prompt Injection). It ingests untrusted file names and content from the 'todos/' directory without sanitization or boundary markers. Combined with its shell execution capabilities, this allows maliciously named files to trigger arbitrary command execution.
  • [COMMAND_EXECUTION] (HIGH): The 'Creating Todos' workflow interpolates user-provided strings directly into bash commands. A description containing shell metacharacters (e.g., '; rm -rf /') would be executed if the agent runs the provided 'cp' command template.
  • [COMMAND_EXECUTION] (MEDIUM): The skill attempts to run './scripts/log-skill.sh'. The logic of this script is not provided, posing an unverified code execution risk.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 12:04 AM