Aphorisms

Pass

Audited by Gen Agent Trust Hub on Jun 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection. Ingestion points: The skill fetches untrusted data via 'WebFetch' in 'Workflows/FindAphorism.md' and 'WebSearch' in 'Workflows/AddAphorism.md' and 'Workflows/ResearchThinker.md'. Boundary markers: The workflows do not specify any delimiters or instructions to the agent to ignore instructions embedded within the fetched content. Capability inventory: The skill environment allows for shell command execution (via curl and echo) and file system modification (via the Edit tool). Sanitization: There is no mention of filtering, escaping, or validating external content before it is processed for theme matching or summarization.
  • [COMMAND_EXECUTION]: The skill directs the agent to execute shell commands for notifications and telemetry. The execution log in 'SKILL.md' instructs the agent to interpolate a user-provided input summary ('8_WORD_SUMMARY') into an 'echo' command. This pattern is vulnerable to command injection if the summary contains shell control characters and is not strictly sanitized by the agent before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 30, 2026, 03:33 PM
Security Audit — agent-trust-hub — Aphorisms