bash
Pass
Audited by Gen Agent Trust Hub on Jun 27, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides a tool to execute arbitrary shell commands. This is a powerful capability that allows the agent to interact with the project's environment, install dependencies, and run build scripts. \n- [PROMPT_INJECTION]: There is a potential for indirect prompt injection if the agent uses untrusted data to construct the command input. \n
- Ingestion points: The command parameter of the bash tool defined in SKILL.md. \n
- Boundary markers: The skill does not define boundary markers or specific instructions to the agent to treat input as data rather than code. \n
- Capability inventory: The bash tool allows for a wide range of shell operations as listed in the keywords and rules in SKILL.md. \n
- Sanitization: The tool does not perform its own sanitization of the input command string.
Audit Metadata