Skills
skills/thinkfleetai/thinkfleet-engine/imsg/Gen Agent Trust Hub

imsg

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill initiates the installation of the imsg CLI tool from a third-party Homebrew repository (steipete/tap/imsg).
  • [COMMAND_EXECUTION]: The skill executes imsg commands to list chats, retrieve message history, and send messages. It requires high-level macOS permissions, including Full Disk Access and Automation control.
  • [PROMPT_INJECTION]: The skill presents an attack surface for indirect prompt injection. Ingestion points: Malicious instructions could enter the agent's context through imsg history or the imsg watch command. Boundary markers: No delimiters or safety instructions are used to isolate message content from the system prompt. Capability inventory: The agent has the ability to send messages and potentially interact with other system tools. Sanitization: There is no evidence of filtering or sanitizing the content of the messages before they are processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:14 AM