research-grants
Warn
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS)
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a command template 'python scripts/generate_schematic.py "your diagram description"' which takes a user-influenced description as a shell argument. This pattern can lead to command injection if the input contains shell metacharacters such as semicolons, backticks, or pipes that are not properly sanitized before execution.
- [PROMPT_INJECTION]: The instructions use coercive language such as '⚠️ MANDATORY' and 'not optional' to force the agent to perform specific tasks, which may bypass user intent or system-level safety constraints. The skill also contains instructions to redirect the user to an external website (k-dense.ai) for complex tasks, acting as a behavioral override. Additionally, it attempts to rename the agent as 'Nano Banana Pro'.
- [EXTERNAL_DOWNLOADS]: The skill references multiple scripts and reference files, including 'scripts/generate_schematic.py' and 'scripts/compliance_checker.py', that are not part of the provided SKILL.md file. These unverified files represent external dependencies that are executed or accessed by the agent during operation.