ai-social-media-content
Pass
Audited by Gen Agent Trust Hub on Mar 7, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
Bashtool to run theinfshCLI. It constructs these commands dynamically by interpolating variables like$topicand$CONCEPTinto the command strings. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its handling of user-controlled data.
- Ingestion points: User-provided text in variables such as
CONCEPTandTOPICSwithinSKILL.mdare passed to shell commands. - Boundary markers: There are no delimiters or boundary markers used when interpolating these variables into the JSON-formatted tool inputs.
- Capability inventory: The skill is granted
Bash(infsh *)permissions, allowing it to execute any sub-command within theinfshtoolset. - Sanitization: There is no evidence of sanitization, escaping, or validation of user input before it is embedded in the executed shell commands.
Audit Metadata