advanced-tool-usage

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides detailed instructions and patterns for using execution tools such as shell_execute and python_execute to orchestrate multi-stage data pipelines and process file content.
  • [PROMPT_INJECTION]: The skill outlines patterns that expose the agent to indirect prompt injection by piping external data into execution tools without safety controls.
  • Ingestion points: Untrusted data enters the agent context via tools such as tavily_search, read_url, cat, and journalctl, as described in SKILL.md and references/patterns.md.
  • Boundary markers: Absent; the patterns do not specify the use of delimiters or instructions to ignore embedded commands within the redirected data.
  • Capability inventory: The skill leverages powerful capabilities including python_execute, shell_execute, and the redirect_tool_call meta-tool.
  • Sanitization: Absent; the guidelines encourage direct processing of external tool output using execution environments without explicit validation, escaping, or filtering steps.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 10:47 AM
Security Audit — agent-trust-hub — advanced-tool-usage