answers
Pass
Audited by Gen Agent Trust Hub on Feb 20, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- COMMAND_EXECUTION (LOW): The skill grants the agent permission to 'run shell commands only when it directly helps answer the question'. This is a broad capability that could be abused if the agent interprets a user question as a command to execute.
- PROMPT_INJECTION (LOW): As a Q&A tool, it processes untrusted user input (Category 8). The lack of explicit boundary markers or instructions to ignore embedded commands in the input data increases the risk of Indirect Prompt Injection. Evidence Chain:
  1. Ingestion points: User questions provided during runtime.
  2. Boundary markers: Absent.
  3. Capability inventory: Shell command execution.
  4. Sanitization: Not specified in the skill instructions.
Audit Metadata