principle-minimize-reader-load

Warn

Audited by Gen Agent Trust Hub on Jul 10, 2026

Risk Level: MEDIUMPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructs the agent to disregard platform-default models and reasoning tiers, commanding it to use a non-existent 'Codex gpt-5.6-sol' model instead.
  • [PROMPT_INJECTION]: The instructions include 'overrides' that tell the agent to ignore 'Claude-only fallback model policies' and conceptual cues from the host environment, which attempts to bypass intended system behavior.
  • [PROMPT_INJECTION]: The skill uses deceptive metadata; while the name and description focus on 'Minimizing Reader Load' and code tracing, a significant portion of the instructions are dedicated to a 'Uni-pstack Runtime Adapter' that modifies agent delegation and execution workflows.
  • [COMMAND_EXECUTION]: The skill directs the agent to execute specific commands and scripts in the host terminal, such as 'codex exec' and 'spawn-codex-worker', which are not defined within the skill and could lead to the execution of untrusted code.
Audit Metadata
Risk Level
MEDIUM
Analyzed
Jul 10, 2026, 04:46 PM