teneo-agents
Pass
Audited by Gen Agent Trust Hub on Apr 16, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by processing untrusted data from external sources such as social media and e-commerce sites. Evidence: (1) Ingestion points: External data is fetched from Amazon product reviews, Instagram comments/posts, TikTok video metadata, and Google search results via the Teneo CLI. (2) Boundary markers: Absent; there are no instructions to use delimiters or ignore instructions within the retrieved text. (3) Capability inventory: The agent can execute shell commands through the bundled Teneo CLI tool. (4) Sanitization: Absent; no validation or filtering of external content is described.
- [COMMAND_EXECUTION]: The skill's primary function is to direct the agent to execute shell commands using the local binary
~/teneo-skill/teneo. While this is the intended purpose, it grants the agent the ability to run arbitrary arguments through this tool.
Audit Metadata