asciinema-cast-format
Pass
Audited by Gen Agent Trust Hub on Apr 4, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides bash templates that use variable interpolation (e.g.,
$TARGET_TIME) within shell arithmetic andjqfilters. These patterns could be susceptible to command injection if the input variables are not properly validated before execution.\n- [PROMPT_INJECTION]: The skill processes data from external.castfiles, which presents a surface for indirect prompt injection.\n - Ingestion points: Reads
recording.cast(SKILL.md).\n - Boundary markers: Absent.\n
- Capability inventory: Uses
Bashto executejq,tail,sort,uniq,date, andbcon file contents.\n - Sanitization: Absent.
Audit Metadata