super-search
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- PROMPT_INJECTION (LOW): Indirect prompt injection surface via user query interpolation. 1. Ingestion points: User query strings passed to the search-memory.cjs script in SKILL.md. 2. Boundary markers: Absent; uses double quotes but no safety delimiters or 'ignore' instructions. 3. Capability inventory: Execution of shell commands via the Bash(node:*) tool. 4. Sanitization: Absent; the skill relies on the underlying LLM to handle potentially malicious user input.
- COMMAND_EXECUTION (SAFE): The skill invokes a local file (search-memory.cjs) which is part of its own package to perform its primary function. This is standard behavior for an agent skill.
Audit Metadata