intelligems-profit-impact

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGH
COMMAND_EXECUTION, CREDENTIALS_UNSAFE, DATA_EXFILTRATION
Full Analysis
  • Persistence Mechanisms (HIGH): The skill attempts to create a macOS LaunchAgent via the setup_automation.sh script to run reports daily. This provides a mechanism for persistent code execution on the user's host system.
  • Command Execution (HIGH): The instructions execute multiple bash scripts (setup_workspace.sh, setup_automation.sh) using relative paths (../intelligems-core/) that point outside the skill's own directory. This behavior relies on external, unverifiable files being present on the host.
  • Credentials Handling (MEDIUM): The skill manages sensitive INTELLIGEMS_API_KEY data by reading from and writing to a .env file. It uses grep to check for existing keys, which may lead to the accidental display of credentials in the agent's output logs.
  • Indirect Prompt Injection (LOW): The skill ingests external data from A/B tests through the impact.py script. Ingestion points: output of impact.py and test IDs. Boundary markers: absent. Capability inventory: file writing, shell execution, and Slack webhook network requests. Sanitization: none. This surface allows untrusted experiment data to potentially influence the financial report presentation logic.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 17, 2026, 06:28 PM