Skills
skills/tao3k/omni-dev-fusion/omniCell/Gen Agent Trust Hub

omniCell

Warn

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The nuShell tool in scripts/nu_shell.py allows the execution of arbitrary system commands using Nushell syntax. This gives the agent broad authority to run processes, scripts, and development tools on the host environment.
  • [DATA_EXFILTRATION]: Through shell commands such as ls, open, and sys, the skill can access sensitive system information, configuration files, and private data. The referenced sys_query tool in references/navigation.md further enables precise extraction of source code using AST patterns, which could be used to expose intellectual property.
  • [PROMPT_INJECTION]: The tool relies on a command string argument which is highly susceptible to prompt injection. An attacker could influence the command content to bypass safety protocols, override intent classification (observe vs mutate), or execute destructive operations.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Mar 7, 2026, 06:45 AM