linux-troubleshooting
Pass
Audited by Gen Agent Trust Hub on Apr 14, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill documentation provides numerous shell commands for system diagnosis, resource monitoring, and service management, including 'uptime', 'top', 'df', 'iostat', 'ps', 'lsof', 'strace', and 'systemctl'.
- [PROMPT_INJECTION]: The skill defines a surface for indirect prompt injection (Category 8) by using placeholders for user-supplied data in shell commands. \n
- Ingestion points: 'PID', 'target', 'domain', and 'service' variables in SKILL.md. \n
- Boundary markers: No delimiters or instructions to ignore embedded commands are present in the workflow. \n
- Capability inventory: The agent is instructed to use tools like 'bash-linux', 'performance-engineer', and 'server-management' which have shell execution capabilities. \n
- Sanitization: No validation or escaping of the user-provided inputs is mentioned before they are passed to the shell.
Audit Metadata