Skills
skills/winsorllc/upgraded-carnival/diagnostic-runner/Gen Agent Trust Hub

diagnostic-runner

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local shell script {baseDir}/diagnose.sh to run comprehensive system health checks. This is the primary mechanism for the diagnostic functionality and is consistent with the skill's description.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the ingestion of external system data.
  • Ingestion points: The config and environment categories involve reading local configuration files and environment variables.
  • Boundary markers: There are no delimiters or protective instructions provided to prevent the agent from interpreting data within those files as new instructions.
  • Capability inventory: The skill can execute shell scripts and access system-wide metadata and network status.
  • Sanitization: No sanitization or validation of the external configuration data is mentioned or documented.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 1, 2026, 05:11 AM