secretary

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute specific bash scripts located at /Users/inoueyousuke/.claude/skills/cosense/scripts/cosense_api.sh to perform operations like fetching page text and searching.
  • [EXTERNAL_DOWNLOADS]: The helper scripts perform network operations to retrieve content from external Cosense pages.
  • [PROMPT_INJECTION]: The skill processes untrusted data from external pages, creating an indirect prompt injection surface.
      • Ingestion points: Data is fetched from external Cosense pages via the get-page-text and get-page commands.
      • Boundary markers: No specific delimiters or instructions are used to distinguish the fetched external data from the agent's core instructions.
      • Capability inventory: The agent can execute shell scripts and access external network data.
      • Sanitization: The retrieved content is not sanitized or validated before being analyzed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 21, 2026, 02:52 AM