Skills
skills/duc01226/easyplatform/skill-fix-logs/Gen Agent Trust Hub

skill-fix-logs

Pass

Audited by Gen Agent Trust Hub on Apr 10, 2026

Risk Level: SAFEPROMPT_INJECTIONEXTERNAL_DOWNLOADSCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and acts upon data from untrusted sources including logs.txt, external URLs, and GitHub repositories to modify local skill files and scripts. Ingestion points: logs.txt, provided URLs, and GitHub repositories. Boundary markers: Absent. Capability inventory: Ability to modify local scripts and SKILL.md files, and execute system commands. Sanitization: None identified.
  • [EXTERNAL_DOWNLOADS]: The skill instructs the agent to visit an external website and install the repomix utility if it is not already present in the environment.
  • [COMMAND_EXECUTION]: The agent is directed to use the repomix command-line tool to process repository data as part of its workflow.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 10, 2026, 07:25 AM
Security Audit — agent-trust-hub — skill-fix-logs