Skills
skills/zhom/donutbrowser/ui-ux-pro-max/Gen Agent Trust Hub

ui-ux-pro-max

Fail

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • Privilege Escalation (HIGH): The SKILL.md file contains explicit instructions for the agent to execute sudo apt install to install dependencies. Commands utilizing superuser privileges are high-severity risks as they can be manipulated to compromise the host system.
  • Indirect Prompt Injection (LOW): The skill reads data from local CSV files and presents it to the agent, creating a surface for embedded instructions to influence agent behavior.
  • Ingestion points: Multiple CSV files in the data/ directory loaded by scripts/core.py.
  • Boundary markers: Absent. Search results are interpolated directly into the response without delimiters.
  • Capability inventory: Execution of local python scripts and high-privilege installation commands (apt, brew, winget).
  • Sanitization: None. Data from CSV files is processed and printed without validation.
  • External Downloads (LOW): The skill suggests using system package managers (apt, brew, winget) to download and install Python. While these are standard tools, the instruction involves external software retrieval.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 17, 2026, 06:31 PM