command-dispatch
Pass
Audited by Gen Agent Trust Hub on May 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides the ability to execute system-level commands, including sensitive operations such as system restarts (
/restart) and clearing caches (/clear_cache).- [PROMPT_INJECTION]: The skill processes untrusted natural language from users to determine which commands to run and to extract arguments for execution, creating a surface for indirect prompt injection. - Ingestion points: Natural language descriptions provided by the user (e.g., "Sync sites", "Show subscriptions").
- Boundary markers: Not present. The instructions do not define delimiters for user input or include warnings to ignore instructions within the data.
- Capability inventory: Access to the
run_slash_commandtool, which can execute system and plugin functions. - Sanitization: Not present. There is no instruction for the agent to validate or sanitize user-provided arguments before executing them.
Audit Metadata