tsticker
Warn
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: MEDIUM
Findings: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill requires the installation of the 'tsticker' package from PyPI. While this is a vendor-owned resource, it represents an external dependency that is downloaded and installed via pipx.
- [COMMAND_EXECUTION]: The script 'scripts/push_sticker.sh' is vulnerable to path traversal. The 'EMOJI' argument ($3) is concatenated into the 'DEST' file path without any sanitization or validation. This allows a malicious input containing traversal sequences (e.g., '../../') to target and overwrite arbitrary files that the user has write permissions for.
- [COMMAND_EXECUTION]: The skill possesses an indirect prompt injection attack surface.
  - Ingestion points: The script 'scripts/push_sticker.sh' accepts user-controlled positional arguments for the image path, directory, and emoji name.
  - Boundary markers: There are no boundary markers or instructions to the agent to sanitize or ignore malicious sequences in the provided arguments.
  - Capability inventory: The skill has the capability to write to the file system via the 'cp' command and execute network-enabled operations via the 'tsticker push' command.
  - Sanitization: The script lacks any sanitization or path normalization for the input variables, making it susceptible to exploitation via specially crafted filenames or emoji strings.