log-management-system
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The script `scripts/configure-rotation.sh` generates a `logrotate` configuration file by interpolating command-line arguments (`MAX_SIZE`, `KEEP_FILES`, `ROTATE_INTERVAL`) directly into a heredoc template.
  - Evidence: The script lacks validation or escaping for these variables. Since `logrotate` configuration files support a `postrotate` block for executing shell commands, an attacker providing crafted inputs could inject arbitrary commands into the generated configuration.
  - Impact: These commands would typically execute with the high privileges associated with system log management utilities.
- [PROMPT_INJECTION]: The skill exhibits surface area for indirect prompt injection via the processing of untrusted parameters into executable configurations.
  - Ingestion points: Command-line arguments in `scripts/configure-rotation.sh` (`$1` through `$5`).
  - Boundary markers: Absent; inputs are directly embedded into the configuration file structure.
  - Capability inventory: The skill generates configuration files (`logrotate.conf`) and systemd timers (`logrotate-hourly.timer`) which influence system behavior and can trigger shell command execution.
  - Sanitization: Absent; no escaping or regex validation is performed on the input variables before they are written to the filesystem.