skills/lijigang/ljg-skills/ljg-book/Gen Agent Trust Hub

ljg-book

Pass

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute the date command to generate timestamps for file naming. This is a benign use of a standard system utility for organization.
  • [EXTERNAL_DOWNLOADS]: The skill utilizes WebSearch and WebFetch tools to retrieve information about books when content is not provided directly by the user. This is an intended function to provide context for the analysis.
  • [PROMPT_INJECTION]: The skill processes untrusted content (book titles, descriptions, and file uploads) which represents an indirect prompt injection surface.
    • Ingestion points: Book names, summaries, and PDF/Arxiv file contents.
    • Boundary markers: None explicitly used to delimit external data.
    • Capability inventory: File system write access (~/Documents/notes/), web browsing (WebSearch, WebFetch), and shell execution (date).
    • Sanitization: The skill mitigates risks by enforcing a highly rigid five-point structure and a specific 'reverse translation' writing style, which limits the agent's susceptibility to embedded instructions.
Audit Metadata
Risk Level: SAFE
Analyzed: May 18, 2026, 07:09 AM