Skills
skills/indranilbanerjee/digital-marketing-pro/eval-suite/Gen Agent Trust Hub

eval-suite

Warn

Audited by Gen Agent Trust Hub on May 20, 2026

Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill constructs shell commands using string interpolation of user-provided content and labels (e.g., python scripts/eval-runner.py --text "{content_or_path}"). This pattern is vulnerable to command injection if the user input contains shell metacharacters like semicolons or backticks, allowing arbitrary code execution.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection by ingesting and processing untrusted content from external files and directories.
  • Ingestion points: Content sources provided by the user in Step 2 and Step 3 of SKILL.md.
  • Boundary markers: Absent; there are no delimiters or instructions to ignore embedded prompts in the ingested text.
  • Capability inventory: Subprocess calls to scripts/eval-runner.py and scripts/quality-tracker.py (referenced in SKILL.md) which perform file reads and log results.
  • Sanitization: Absent; the skill does not specify any validation or sanitization of the processed text.
Audit Metadata
Risk Level
MEDIUM
Analyzed
May 20, 2026, 12:41 AM
Security Audit — agent-trust-hub — eval-suite