reprocess-with-contact-sheets
Pass
Audited by Gen Agent Trust Hub on Jun 15, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local Ruby scripts located at
lib/buttercut/library.rbto interact with the library system (e.g.,ruby lib/buttercut/library.rb <name> reset_all_except_audio_transcripts). These are legitimate management operations for the tool's domain. - [INDIRECT_PROMPT_INJECTION]: Untrusted library names provided by the user are interpolated into shell commands, creating a potential command injection surface.
- Ingestion points: Library name input in Step 1 of SKILL.md.
- Boundary markers: Absent.
- Capability inventory: Subprocess calls to
rubyvia shell in Step 1, 4, and 5. - Sanitization: Absent; the skill relies on the agent's internal handling of the
<name>placeholder.
Audit Metadata