Skills
skills/winterlily/skills/security-review/Gen Agent Trust Hub

security-review

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTIONDATA_EXFILTRATION
Full Analysis
  • **[I n d i r e c t P r o m p t I n j e c t i o n ] (H I G H ) : ** T h e s k i l l i n s t r u c t s t h e a g e n t t o p r o c e s s u n t r u s t e d e x t e r n a l c o d e b a s e s w h i l e m a i n t a i n i n g t h e c a p a b i l i t y t o e x e c u t e s h e l l c o m m a n d s ( e . g . , n p m a u d i t , g o v u l n c h e c k ) . T h i s c o m b i n a t i o n c r e a t e s a s i g n i f i c a t n t s u r f a c e f o r i n d i r e c t p r o m p t i n j e c t i o n w h e r e m a l i c i o u s i n s t r u c t i o n s e m b e d d e d i n a u d i t e d f i l e s c o u l d t r i g g e r u n a u t h o r i z e d a c t i o n s .
  • I n g e s t i o n p o i n t s : P r o j e c t s o u r c e c o d e a n d c o n f i g u r a t i o n f i l e s a c c e s s e d v i a s e a r c h t o o l s .
  • B o u n d a r y m a r k e r s : A b s e n t ; t h e s k i l l p r o v i d e s n o d e l i m i t e r s o r i n s t r u c t i o n s t o i g n o r e e m b e d d e d d i r e c t i v e s .
  • C a p a b i l i t y i n v e n t o r y : E x e c u t i o n o f p a c k a g e m a n a g e r s a n d s e c u r i t y a u d i t i n g t o o l s , f i l e s y s t e m r e a d a c c e s s .
  • S a n i t i z a t i o n : A b s e n t .
  • **[P r o m p t I n j e c t i o n ] (M E D I U M ) : ** T h e s k i l l u s e s a b e h a v i o r a l o v e r r i d e i n i t s d e s c r i p t i o n ( " A L W A Y S r u n t h i s a t t h e e n d o f e a c h t a s k " ) a n d i n c l u d e s a v a g u e m a n d a t e i n S e c t i o n 5 t o " v e r i f y t h e e x e c u t i o n e n v i r o n m e n t , " w h i c h c a n b e e x p l o i t e d t o u n n e c e s s a r i l y e x p o s e s y s t e m c o n f i g u r a t i o n s .
  • **[D a t a E x p o s u r e & E x f i l t r a t i o n ] (L O W ) : ** T h e s k i l l e x p l i c i t l y d i r e c t s t h e a g e n t t o s e a r c h f o r a n d i d e n t i f y s e n s i t i v e h a r d c o d e d s e c r e t s ( A P I k e y s , p r i v a t e k e y s ) , w h i c h f a c i l i t a t e s t h e e x p o s u r e o f h i g h
  • v a l u e c r e d e n t i a l s w i t h i n t h e a g e n t ' s o u t p u t l o g s .
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 05:22 AM