empjs-skill
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill translates natural language into
eskillCLI commands executed in the shell environment. This includes complex operations like directory changes and package management tasks. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of external code via the
eskill installcommand, which can target NPM packages or GitHub repositories. Examples provided reference the author's own GitHub repository (steelan9199). - [PROMPT_INJECTION]: The transformation of user natural language into command-line arguments presents an indirect prompt injection surface.
- Ingestion points: User-provided skill names, agent names, and file paths are extracted from natural language input in SKILL.md.
- Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the command generation logic.
- Capability inventory: The skill has the capability to execute shell commands, manage files, and install remote packages.
- Sanitization: There is no mention of input validation or sanitization for the parameters used to construct shell commands.
Audit Metadata