ai-social-media-content

Pass

Audited by Gen Agent Trust Hub on Mar 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run the infsh CLI. It constructs these commands dynamically by interpolating variables like $topic and $CONCEPT into the command strings.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through its handling of user-controlled data.
  • Ingestion points: User-provided text in variables such as CONCEPT and TOPICS within SKILL.md are passed to shell commands.
  • Boundary markers: There are no delimiters or boundary markers used when interpolating these variables into the JSON-formatted tool inputs.
  • Capability inventory: The skill is granted Bash(infsh *) permissions, allowing it to execute any sub-command within the infsh toolset.
  • Sanitization: There is no evidence of sanitization, escaping, or validation of user input before it is embedded in the executed shell commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 7, 2026, 12:11 PM