bdistill-behavioral-xray

Warn

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: MEDIUM
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires the installation of the bdistill Python package. This dependency originates from a source that is not verified as a trusted vendor or well-known service.
  • [COMMAND_EXECUTION]: The skill provides instructions to modify the agent's execution environment by adding a Model Context Protocol (MCP) server. Evidence: 'claude mcp add bdistill -- bdistill-mcp' in SKILL.md.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it ingests and processes potentially untrusted data (model responses) to generate behavioral reports.
      • Ingestion points: Responses from the AI model to probing questions (SKILL.md).
      • Boundary markers: No markers or instructions to ignore embedded commands are present.
      • Capability inventory: The skill utilizes package installation and environment configuration tools (SKILL.md).
      • Sanitization: No sanitization or validation of the ingested model output is documented.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 21, 2026, 12:00 PM