misc-task

Warn

Audited by Gen Agent Trust Hub on Jun 24, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands like mkdir -p to manage directory structures for project deliverables.
  • [REMOTE_CODE_EXECUTION]: The instructions direct the agent to generate and execute temporary scripts (e.g., Ruby, XML) to perform tasks not natively supported by the tool, which involves dynamic code creation and execution.
  • [PROMPT_INJECTION]: The skill contains role-play instructions, asking the agent to act as specific AI models and personas when performing complex tasks.
  • [PROMPT_INJECTION]: The skill ingests untrusted external data (XML files, recordings) while possessing the capability to execute generated scripts and write files. 1. Ingestion points: External XML files and stray media recordings (SKILL.md). 2. Boundary markers: None identified; no instructions are provided to ignore commands within processed data. 3. Capability inventory: File system access (read/write), directory management, and execution of agent-generated scripts (SKILL.md). 4. Sanitization: No validation or sanitization of input file content is mentioned.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jun 24, 2026, 11:31 AM
Security Audit — agent-trust-hub — misc-task