10-andruia-skill-smith
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFE
COMMAND_EXECUTION
PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to perform direct file system operations, including creating directories and writing README.md files at a specific hardcoded path: D:\...\antigravity-awesome-skills\skills\(SKILL.md).
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it generates new agent instructions based on untrusted user input collected in Phase 1.
  - Ingestion points: Untrusted input is received for the technical name, expert role, and key outputs of the new skill (SKILL.md).
  - Boundary markers: Absent; there are no instructions to use delimiters or ignore embedded instructions when the agent generates the new skill documentation.
  - Capability inventory: The skill possesses the capability to write files and modify the local repository registry (SKILL.md).
  - Sanitization: Absent; the skill does not provide logic for validating or escaping the user-provided role descriptions before they are incorporated into the generated instructions.