dm
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
- [COMMAND_EXECUTION]: The skill uses the Bash tool to execute the 'agentbook' CLI command. This execution is restricted to the specific vendor tool using a wildcard scope, which limits the risk of broader system command execution.
- [PROMPT_INJECTION]: The skill processes user-provided message content, creating a surface for indirect prompt injection. This is the intended primary function of the skill.
  - Ingestion points: Recipient and message body from command-line arguments (SKILL.md).
  - Boundary markers: None. The user content is not wrapped in specific delimiters.
  - Capability inventory: Executes the 'agentbook send' command via the Bash tool.
  - Sanitization: No explicit instructions for escaping shell special characters are provided for the user-supplied message body.
Audit Metadata