
Pass

Audited by Gen Agent Trust Hub on Apr 19, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands to prepare the file system and generate metadata.
      • It runs mkdir -p ~/Documents/notes or New-Item to create the target directory.
      • It calls date or Get-Date to produce timestamps for note organization.
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from the web for rewriting.
      • It uses WebFetch and WebSearch to pull data from external URLs and search results.
  • [DATA_EXFILTRATION]: The skill can access local file contents.
      • Step 1 ('获取内容', "Get content") includes a 'Read' operation for file paths. This allows the agent to ingest local files, which could include sensitive data if the path is not validated.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the content it processes.
      • Ingestion points: External content enters the agent via WebFetch (URLs) and Read (local files) as described in Step 1 of SKILL.md.
      • Boundary markers: Absent. The skill does not define delimiters or instruct the agent to ignore potentially malicious commands within the fetched content.
      • Capability inventory: The skill can write files, create directories (mkdir), and execute shell commands (date).
      • Sanitization: Absent. There is no evidence of input validation or sanitization before the content is processed by the LLM.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 19, 2026, 02:49 PM