mobile-design
Fail
Audited by Gen Agent Trust Hub on Feb 16, 2026
Risk Level: HIGH
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- Indirect Prompt Injection (HIGH): The skill mandates reading eight external markdown files (e.g., mobile-performance.md) before tasks. Because the AI has access to the Bash tool, attackers who can control these files can execute shell commands via the agent.
  * Ingestion points: Section 3 mandatory reference files.
  * Boundary markers: None.
  * Capability inventory: Bash tool access.
  * Sanitization: None.
- Command Execution (LOW): The presence of Bash in allowed-tools increases the potential impact of injection vulnerabilities.
- Prompt Injection (LOW): Authoritative directives ('Mandatory', 'Non-Negotiable') are used to enforce design standards, which can impact the agent's adherence to other system constraints.
Recommendations
- AI detected serious security threats
Audit Metadata