devils-advocate
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local shell script
scripts/challenge.shto generate structured analysis templates. The script uses standard bash utilities for text output and does not perform sensitive system operations. - [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface due to its core functionality of processing external data and documents.
- Ingestion points: The skill is designed to ingest and analyze external files such as
architecture-redesign.pdf,project-plan.md, anduser-research.jsonas specified in theSKILL.mdusage examples. - Boundary markers: There are no explicit delimiters or system instructions provided to ensure the agent ignores malicious prompts that might be embedded within the documents being analyzed.
- Capability inventory: The skill maintains capabilities for local shell execution (via
scripts/challenge.sh) and text-based report generation. - Sanitization: Content from ingested documents is not sanitized or validated before being processed by the agent for analysis.
Audit Metadata