domain-embedded

Warn

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the command cat .cargo/config.toml to extract build configuration. This involves direct execution of a shell command to read files from the host environment.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by processing external configuration data.
      • Ingestion points: The contents of .cargo/config.toml are read and included in the agent's context via the !cat command.
      • Boundary markers: There are no delimiters or instructions to ignore embedded commands within the injected configuration text.
      • Capability inventory: The skill performs file system reads through shell command execution.
      • Sanitization: No validation or sanitization is applied to the output of the command before it is presented to the LLM.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 28, 2026, 11:06 PM