ljg-travel

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFE · PROMPT_INJECTION · COMMAND_EXECUTION · EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it retrieves and processes content from untrusted external sources.
      • Ingestion points: External URLs from platforms like Bilibili, Zhihu, and WeChat are analyzed using the ContentAnalysis tool (found in SKILL.md).
      • Boundary markers: The instructions do not specify any delimiters or warnings to ignore embedded instructions within the processed content.
      • Capability inventory: The skill writes structured files to ~/Documents/notes/ and executes the ljg-card tool based on the synthesized data.
      • Sanitization: No explicit content filtering or sanitization steps are defined for the data returned from external queries.
  • [COMMAND_EXECUTION]: The workflow invokes the ljg-card tool with multiple flags (-i, -l) to generate image-based reference cards from the researched data. This tool appears to be a vendor-specific resource associated with the author.
  • [EXTERNAL_DOWNLOADS]: The skill performs extensive research by fetching data from multiple well-known social and media platforms, including Bilibili, Zhihu, WeChat, Douyin, and Xiaohongshu, using platform-provided research tools.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 11, 2026, 01:49 AM