principle-minimize-reader-load
Warn
Audited by Gen Agent Trust Hub on Jul 10, 2026
Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill instructs the agent to disregard platform-default models and reasoning tiers, commanding it to use a non-existent 'Codex gpt-5.6-sol' model instead.
- [PROMPT_INJECTION]: The instructions include 'overrides' that tell the agent to ignore 'Claude-only fallback model policies' and conceptual cues from the host environment, which attempts to bypass intended system behavior.
- [PROMPT_INJECTION]: The skill uses deceptive metadata; while the name and description focus on 'Minimizing Reader Load' and code tracing, a significant portion of the instructions are dedicated to a 'Uni-pstack Runtime Adapter' that modifies agent delegation and execution workflows.
- [COMMAND_EXECUTION]: The skill directs the agent to execute specific commands and scripts in the host terminal, such as 'codex exec' and 'spawn-codex-worker', which are not defined within the skill and could lead to the execution of untrusted code.
Audit Metadata