clipboard
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands such as mktemp, cat, pbcopy, rm, and printf to manage temporary files and interact with the system clipboard. It also utilizes uname for platform detection.
- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface by interpolating generated text into a shell script block using a heredoc. 1. Ingestion points: Content generated by the AI agent is directly inserted into the shell command defined in SKILL.md. 2. Boundary markers: The skill uses a quoted heredoc ('CLIPBOARD') which prevents shell expansion but can be bypassed if the delimiter itself is present in the data. 3. Capability inventory: The agent has the ability to execute shell commands and perform file system operations like creation and deletion of temporary files. 4. Sanitization: No specific validation or escaping is implemented to ensure the content does not contain the heredoc delimiter or other shell-breaking sequences.
Audit Metadata