earllm-build
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFEDATA_EXFILTRATIONPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [DATA_EXFILTRATION]: Disclosure of a local filesystem path 'C:\Users\renat\earbudllm' reveals the system username and local folder structure.
- [PROMPT_INJECTION]: The application architecture described in the skill is susceptible to Indirect Prompt Injection. Ingestion points: Untrusted voice data is captured from Bluetooth hardware (VoiceCaptureController.kt). Boundary markers: No delimiters or 'ignore' instructions are mentioned for the transcribed prompts. Capability inventory: The app has network access (RealLlmClient.kt) and the skill contains powershell file manipulation commands. Sanitization: No sanitization or filtering logic is described for the voice transcripts before they are passed to the LLM.
- [COMMAND_EXECUTION]: Provides a PowerShell command that performs filesystem deletions and compression. While intended for build automation, it demonstrates a capability for broad filesystem manipulation on the local host.
Audit Metadata