Skills
skills/zubair-trabzada/ai-agency-claude/agency-propose/Gen Agent Trust Hub

agency-propose

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands (ls and grep) via a Bash tool to identify and search for audit data files within the current working directory.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) as it systematically reads and processes data from untrusted local markdown files to generate business proposals.
  • Ingestion points: Reads content from any file matching patterns like AGENCY-ONBOARD-*.md, MARKETING-AUDIT*.md, or any .md file containing the business name in SKILL.md.
  • Boundary markers: The instructions do not define boundary markers or delimiters to isolate the untrusted content from the system instructions.
  • Capability inventory: The skill uses Bash for file discovery (ls, grep) and performs file read/write operations.
  • Sanitization: There is no evidence of sanitization or validation of the ingested data before it is interpolated into the proposal template.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 04:29 PM