glossary-generator
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill dynamically generates and executes a Python script via the Bash tool to perform alphabetical sorting and merging of glossary entries. The script content is provided within the instructions in
SKILL.mdand uses standard libraries (os,re,glob) to process local temporary files. - [PROMPT_INJECTION]: The skill ingests untrusted content from markdown files within the project's documentation directory and interpolates it into a sub-agent's prompt, creating a surface for indirect prompt injection.
- Ingestion points: Reads
docs/learning-graph/02-concept-list-v1.md,docs/course-description.md, and any files matching/docs/**/*.md. - Boundary markers: Absent. The prompt template in
SKILL.mdlacks delimiters or specific instructions to ignore embedded commands in the source data. - Capability inventory: The skill has access to
Write,Edit, andBashtools, allowing it to modify project files and execute local scripts. - Sanitization: There is no evidence of input validation or escaping for the content processed from external files.
Audit Metadata