timeless

Fail

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: HIGH
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: Helper scripts (scripts/podcast.sh, scripts/upload.sh, and scripts/youtube.sh) use shell command substitution ($()) and string interpolation to construct commands and JSON payloads. This design creates a potential command injection surface if the calling agent provides unsanitized input containing shell metacharacters, allowing unauthorized command execution on the host system.
  • [REMOTE_CODE_EXECUTION]: In scripts/podcast.sh, data retrieved from the Apple iTunes API is piped directly into a Node.js interpreter (node -e) for parsing. While the data source is a well-known and trusted service, the pattern of executing dynamic code on remote content is a sensitive operation that would be high-risk if used with untrusted sources.
  • [PROMPT_INJECTION]: The skill is designed to ingest and process external content such as meeting transcripts, YouTube video titles, and podcast metadata. The recommended "Poll, Deduplicate, Act" automation pattern creates a vulnerability to indirect prompt injection, where malicious instructions embedded in a meeting transcript could influence the agent's behavior during automated processing tasks.
      • Ingestion points: Meeting transcripts retrieved via api-reference.md operations, and media metadata retrieved via the podcast and YouTube helper scripts.
      • Boundary markers: None identified. The skill does not implement specific delimiters or instructions to ignore embedded commands when processing external text.
      • Capability inventory: The skill leverages curl, node, and yt-dlp for network requests and system-level operations.
      • Sanitization: The provided shell scripts perform direct variable interpolation without sanitization or escaping mechanisms.
  • [EXTERNAL_DOWNLOADS]: The skill interacts with several well-known external services, including itunes.apple.com (Apple) for podcast searches, open.spotify.com (Spotify) for oEmbed metadata, and storage.googleapis.com (Google) for media uploads. These interactions are documented as neutral findings consistent with the skill's media management functionality.
Recommendations
  • HIGH: Downloads and executes remote code from: https://itunes.apple.com/search?term=$(node - DO NOT USE without thorough review.
Audit Metadata
Risk Level: HIGH
Analyzed: Mar 12, 2026, 04:13 PM