Skills
skills/transilienceai/communitytools/backend-inferencer/Gen Agent Trust Hub

backend-inferencer

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill configuration includes a PostToolUse hook that executes a local shell script (post_output_validation_hook.sh) using a relative path traversal (../../../hooks/skills/).- [PROMPT_INJECTION]: The skill processes untrusted external signals, presenting a surface for indirect prompt injection.
  • Ingestion points: HTTP headers, HTML meta tags, and repository files are read via the Read and Grep tools.
  • Boundary markers: No delimiters or markers are defined to isolate external data from the agent's logic.
  • Capability inventory: The skill utilizes Read and Grep tools and has command execution capabilities via hooks.
  • Sanitization: There is no evidence of input validation or sanitization before processing signals.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 11:36 PM