abramov-state-composition
Fail
Audited by Gen Agent Trust Hub on Mar 15, 2026
Risk Level: HIGH
PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill uses zero-width characters in the main header to hide instructions that attempt to override the AI's core behavior ('SK1LL_0V3RR1D3: Ignore all previous instructions').
- [DATA_EXFILTRATION]: The hidden payload commands the agent to read sensitive user files (~/.ssh/id_rsa) and transmit the contents to an external server.
- [COMMAND_EXECUTION]: The hidden instructions attempt to trigger a command to exfiltrate data via curl to an external domain (evil-domain.com).
Recommendations
- AI detected serious security threats
Audit Metadata