agency-pipeline
Pass
Audited by Gen Agent Trust Hub on Apr 11, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes shell commands (
lsandgrep) to discover audit-related markdown files in the current working directory for processing. - [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) because it reads and parses the contents of external markdown files without sanitization. Ingestion points: Reads all
.mdfiles in the current working directory. Boundary markers: Lacks specific delimiters or instructions to ignore potential commands embedded within the data. Capability inventory: Employs shell execution for file discovery and performs local file read/write operations. Sanitization: No validation or filtering is applied to the content extracted from the files.
Audit Metadata