Skills
skills/willsigmon/sigstack/Service Consolidator/Gen Agent Trust Hub

Service Consolidator

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill is designed to analyze external source code and possesses the capability to modify files and execute shell commands. This creates a surface where malicious instructions embedded in the code could subvert the agent's logic.
  • Ingestion Points: Source code files read from the 'Leavn app' codebase using Read and Grep tools.
  • Boundary Markers: Absent; there are no instructions to disregard embedded commands or use delimiters.
  • Capability Inventory: The agent can use Edit to modify/delete files and Bash to execute commands.
  • Sanitization: None; the skill lacks validation of the code being analyzed before acting on it.
  • Command Execution (HIGH): The Bash tool is permitted without specific constraints, allowing for arbitrary command execution. Combined with the instruction to 'Delete unused' files based on its own analysis, this presents a significant risk of data loss or system compromise.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 05:47 AM