roast-my-agents-md
Warn
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands to perform its primary auditing and A/B testing functions.\n
- Evidence: SKILL.md Phase 2 Step 7 contains instructions for the agent to move files in sensitive global configuration locations such as
~/.claude/,~/.codex/, and~/.cursor/to create clean environments for testing.\n - Evidence: It uses the
findcommand with-execto locate and rename all "memory" directories across the user's projects.\n- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted, user-controlled configuration files.\n - Ingestion points: Reads instructions from
AGENTS.md,CLAUDE.md, and other AI configuration files located via recursive search in the project directory (SKILL.md Phase 1 Step 0).\n - Boundary markers: Absent; audited content is directly analyzed and utilized in the creation of evaluation prompts for the A/B testing phase.\n
- Capability inventory: The skill can execute Node.js scripts, perform significant filesystem operations, and spawn new agent instances.\n
- Sanitization: No sanitization of the audited content is performed before processing or prompt interpolation.
Audit Metadata