zsxq-group
Pass
Audited by Gen Agent Trust Hub on Apr 17, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the
zsxq-clibinary to interact with the ZSXQ service. This involves executing subcommands likegroup +list,group +topics, andgroup +hashtagsto retrieve information. These operations are within the scope of the skill's documented purpose for group management.- [PROMPT_INJECTION]: A surface for indirect prompt injection exists because the skill retrieves and processes untrusted content (topics, comments, and hashtags) from the ZSXQ platform. * Ingestion points: External data enters the agent context through tools described inreferences/zsxq-group-topics.mdandreferences/zsxq-group-hashtags.md. * Boundary markers: No explicit delimiters or instructions to ignore embedded commands are present in the provided files. * Capability inventory: The skill performs read and search operations usingzsxq-cli. * Sanitization: No evidence of sanitization or validation of the retrieved external content was found.
Audit Metadata