slack-reminders

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/schedule-reminder.sh utilizes standard system utilities including date, grep, cut, tr, and curl to handle time parsing and API communication.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection via schema confusion during JSON construction.
      • Ingestion points: The MESSAGE and DATETIME parameters in scripts/schedule-reminder.sh ingest data directly from the agent's context.
      • Boundary markers: No delimiters or boundary markers are used to isolate untrusted user data from the script's internal logic.
      • Capability inventory: The script possesses the capability to perform network operations (curl) and read specific environment variables from .env files.
      • Sanitization: The script performs no sanitization or escaping on the $MESSAGE variable. Double quotes provided in the message will break the JSON structure of the API request, allowing for potential manipulation of the Slack API call parameters.

Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 04:24 PM