context-mode

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides detailed patterns for executing JavaScript, Python, and Shell scripts via specialized tools to process large files and CLI outputs. This architectural choice is designed to ensure that only relevant, summarized findings enter the conversation context, which is a standard efficiency and safety best practice for AI agents.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion and analysis of external data from sources such as logs, API responses, and web documentation. While this constitutes an indirect prompt injection surface, the skill's instructions to programmatically analyze and summarize findings before returning them to the prompt act as an inherent mitigation.
  • Ingestion points: External data is processed via tools like ctx_execute, ctx_execute_file, and ctx_fetch_and_index (referenced in SKILL.md and multiple pattern files).
  • Boundary markers: The provided code templates focus on extracting specific data points rather than raw interpolation, which reduces the risk of the agent obeying instructions embedded within the processed data.
  • Capability inventory: Capabilities include the use of standard libraries for network requests (Node.js fetch), file system traversal (Python os.walk), and Shell processing (grep, jq, awk) within the tool execution environment.
  • Sanitization: The patterns emphasize filtering for specific technical markers (e.g., error levels, IDs, or line numbers), which sanitizes the input by stripping away irrelevant content before it is added to the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: May 14, 2026, 06:47 PM
Security Audit — agent-trust-hub — context-mode