de-ai-ify
Pass
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes untrusted external data (raw text or file content) provided via arguments. This creates a surface for indirect prompt injection where malicious instructions embedded in the source text could influence the agent's behavior.
- Ingestion points: Processes data from the
$ARGUMENTSvariable, which can contain raw text or a file path to be read (Step 1). - Boundary markers: The skill does not implement delimiters or explicit 'ignore instructions' warnings for the processed text.
- Capability inventory: The skill has permissions to read local files and write new files to the filesystem with a
-HUMANsuffix (Step 5). - Sanitization: No input validation or sanitization is performed on the text content prior to processing.
- [COMMAND_EXECUTION]: The skill performs filesystem operations, including reading files and writing copies of files based on user-supplied paths. This is consistent with the primary purpose of the skill but involves interacting with the local environment.
Audit Metadata