Skills
skills/nyldn/claude-octopus/octopus-quick/Gen Agent Trust Hub

octopus-quick

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: In 'Step 5: Generate Summary', the provided bash script uses an unquoted heredoc (<<EOF) to process the $TASK_DESCRIPTION variable. This pattern is vulnerable to command injection because the shell will execute any command substitutions (e.g., $(...)) or variable expansions present in the user-supplied task description.
  • [PROMPT_INJECTION]: The skill creates an indirect prompt injection surface by interpolating untrusted user input into shell commands without sanitization:
  • Ingestion points: User input is ingested via the task description in SKILL.md.
  • Boundary markers: The bash script template lacks delimiters or escaping to isolate user data from the command structure.
  • Capability inventory: The skill relies on bash, git, and local scripts in the .claude-octopus directory for its primary functionality.
  • Sanitization: No validation or sanitization steps are defined for the task description before it is processed in the shell environment.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 06:35 AM