hash-tools
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFE
NO_CODE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [NO_CODE]: The skill references several functional scripts, including hash.sh, hash-dir.sh, hash-compare.sh, hash-verify.sh, and hash-dupes.sh, which are not provided in the skill files. The actual logic and security properties of these scripts cannot be verified.
- [COMMAND_EXECUTION]: The documentation describes commands that execute local bash scripts with user-supplied arguments such as file paths, algorithm names, and raw strings.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection (Category 8):
  - Ingestion points: The skill accepts file paths and arbitrary strings from the user as input for hashing (SKILL.md).
  - Boundary markers: None are defined to separate untrusted data from the script commands.
  - Capability inventory: The skill executes local subprocesses via shell scripts.
  - Sanitization: Cannot be verified as the script source code is absent.
Audit Metadata