tigris-egress-optimizer
Pass
Audited by Gen Agent Trust Hub on Mar 24, 2026
Risk Level: SAFE (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [EXTERNAL_DOWNLOADS]: Mentions installing the Tigris CLI (@tigrisdata/cli) via NPM. This is a vendor-owned package used for storage management.
- [COMMAND_EXECUTION]: Executes shell commands including 'tigris usage', 'tigris ls', and 'grep' to perform diagnostics on storage buckets and local source code.
- [PROMPT_INJECTION]: Features an indirect prompt injection surface. The skill instructs the agent to search (grep) through local source code for specific patterns. If the codebase contains malicious instructions embedded in comments or strings, these could be ingested into the agent's context during analysis.
- [PROMPT_INJECTION]: Indirect injection analysis for codebase scanning: (1) Ingestion points: Codebase scanning using grep in SKILL.md. (2) Boundary markers: Absent. (3) Capability inventory: NPM installation and shell command execution. (4) Sanitization: Absent.
Audit Metadata