compose-gen

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the --add command-line argument. The content of this argument is directly interpolated into the LLM prompt without any sanitization or boundary markers.
      • Ingestion points: The extra parameter in the generateCompose function (src/index.ts), which receives input from the -a or --add CLI options.
      • Boundary markers: Absent. The input is concatenated directly into the prompt string without delimiters or instructions to ignore embedded commands.
      • Capability inventory: The skill has file system write capabilities via fs.writeFileSync in src/cli.ts (used to output the generated YAML file).
      • Sanitization: No sanitization, escaping, or validation is performed on the user-provided string before it is interpolated into the LLM prompt.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 24, 2026, 12:25 AM