Skills
skills/thienanblog/awesome-ai-agent-skills/symcli-skill/Gen Agent Trust Hub

symcli-skill

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines workflows that require the agent to execute shell commands (symcli.bat or symcli.sh) to perform symbolic computation and code analysis tasks.
  • [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The agent is instructed to read and interpret results from output files (result.txt, report.json) that are generated by processing potentially untrusted user input (C# source files or mathematical ProblemScript files).
  • Ingestion points: The agent reads result.txt and report.json in the 'Agent Workflow' and 'Examples' sections.
  • Boundary markers: Absent. There are no instructions to the agent to treat the output of the CLI tool as untrusted data or to use specific delimiters to isolate it from its primary instructions.
  • Capability inventory: The agent has the capability to write files (creating .ps or .cs files) and execute shell commands (running the symcli wrappers).
  • Sanitization: Absent. There is no evidence of validation or sanitization of the tool's output before the agent interprets it back to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 11:00 AM