capture-cli

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH · EXTERNAL_DOWNLOADS · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (MEDIUM): The skill instructs the user or agent to install a binary from github.com/techulus/capture-go. While this is a standard installation method, the repository owner is not in the trusted source list, making the binary unverifiable.
  • PROMPT_INJECTION (HIGH): Indirect Prompt Injection risk through the capture content command.
      • Ingestion points: Untrusted data enters the agent context via the capture content <url> and capture metadata <url> commands as described in SKILL.md.
      • Boundary markers: There are no instructions for the agent to use delimiters or ignore instructions embedded in the fetched content.
      • Capability inventory: The agent can execute the capture CLI which has the capability to write files to the local filesystem (-o flag) and perform network requests to any URL.
      • Sanitization: No sanitization or validation of the fetched content is specified before it is processed by the agent.
  • COMMAND_EXECUTION (LOW): The skill relies on executing the capture CLI. While this is the intended functionality, it grants the agent the ability to specify arbitrary output paths for files, which could lead to accidental or malicious file overwrites if the agent is manipulated.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Feb 16, 2026, 10:35 AM