agent-zero

Warn

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, REMOTE_CODE_EXECUTION, PROMPT_INJECTION, NO_CODE
Full Analysis
  • [COMMAND_EXECUTION]: The skill documentation describes a shell tool that allows an autonomous agent to execute arbitrary system commands within its container environment.
  • [REMOTE_CODE_EXECUTION]: The skill documentation includes a python tool that enables the agent to execute multi-step Python scripts.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes untrusted inputs with high-privilege tool access.
  • Ingestion points: The engine processes arbitrary goal descriptions from user input and data retrieved from the web tool.
  • Boundary markers: No explicit delimiters or boundary markers are defined in the documentation to separate instructions from external data.
  • Capability inventory: The engine has access to shell, python, filesystem, and web tools as specified in the SKILL.md file.
  • Sanitization: The skill does not document any sanitization, validation, or filtering mechanisms for goal inputs or external data sources.
  • [NO_CODE]: No executable source code or scripts were provided in the skill package; the analysis is based on the markdown interface definition and RPC method descriptions.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 1, 2026, 05:13 AM