skills/fikriaf/agentos/ascii-art/Gen Agent Trust Hub

ascii-art

Fail

Audited by Gen Agent Trust Hub on May 1, 2026

Risk Level: HIGH (COMMAND_EXECUTION, EXTERNAL_DOWNLOADS)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute sudo apt install and sudo snap install to set up various local utilities (cowsay, boxes, toilet, jp2a, ascii-image-converter) on the host system.
  • [EXTERNAL_DOWNLOADS]: Installs the ascii-image-converter tool directly from a GitHub repository (github.com/TheZoraiz/ascii-image-converter) and pyfiglet via pip.
  • [EXTERNAL_DOWNLOADS]: Fetches data and art from several remote services including asciified.thelicato.io, qrenco.de, and wttr.in. It also retrieves the GitHub Octocat from the official API.
  • [EXTERNAL_DOWNLOADS]: Downloads HTML content from ascii.co.uk for local processing.
  • [DATA_EXPOSURE]: The skill possesses a surface for indirect prompt injection by ingesting untrusted external data.
      • Ingestion points: Fetches web pages from ascii.co.uk/art/{subject} and saves them to /tmp/ascii_art.html.
      • Boundary markers: Absent; the skill does not use delimiters or warnings to prevent the agent from obeying instructions hidden within the downloaded ASCII art.
      • Capability inventory: The skill utilizes curl for network operations, python3 for data processing, and requires sudo permissions for tool installation.
      • Sanitization: The provided Python script uses regular expressions to strip HTML tags and html.unescape to clean the text for display, but it does not validate the content against malicious instructions.
Recommendations
  • HIGH: Downloads and executes remote code from: https://ascii.co.uk/art/cat - DO NOT USE without thorough review
Audit Metadata
Risk Level: HIGH
Analyzed: May 1, 2026, 09:02 AM