clarify
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands (e.g.,
tldr semantic "$KEYWORDS" .) using variables derived from user input or file names. If the platform's execution environment does not properly sanitize these variables, it could lead to command injection. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests untrusted data from the local codebase to inform its questioning workflow.
- Ingestion points: Shell commands (
tldr semantic,tldr structure,tldr deps) read the current directory and specific files. - Boundary markers: Absent. The skill does not define specific delimiters or instructions to ignore potential malicious content within the searched files.
- Capability inventory: The skill uses shell command execution to perform semantic searches and dependency analysis.
- Sanitization: Absent. There are no instructions for escaping or validating the content of
$USER_TASK_KEYWORDS,$KEYWORDS, or$FILEvariables.
Audit Metadata