identity
Pass
Audited by Gen Agent Trust Hub on Mar 9, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local system commands via preprocessing to gather node state. Evidence: shell execution of 'agentbook identity', 'agentbook health', 'agentbook following', 'agentbook followers', and 'agentbook rooms' in SKILL.md.
- [PROMPT_INJECTION]: The skill displays an indirect prompt injection surface by ingesting external data (follower names, room status) into the agent context. Ingestion points: outputs from social and room commands in SKILL.md. Boundary markers: None present. Capability inventory: No hazardous file or network capabilities identified in the skill scripts. Sanitization: No sanitization is performed on the command output before interpolation.
Audit Metadata