skills/pedronauck/skills/insta-master/Gen Agent Trust Hub

insta-master

Pass

Audited by Gen Agent Trust Hub on Jun 27, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill instructions in SKILL.md for the post-check.py helper script interpolate user-provided Instagram captions directly into a shell command: python3 <insta-master-dir>/scripts/post-check.py "<legenda completa>". This creates a surface for indirect prompt injection or command injection if the agent does not properly escape shell-sensitive characters like backticks or quotes within the user's content.
  • Ingestion points: User-supplied Instagram captions (legenda) processed via SKILL.md and references/checklist-publicacao.md.
  • Boundary markers: The command template uses double quotes ("") to wrap the input, which is a weak boundary that can be escaped.
  • Capability inventory: The agent is instructed to execute local Python scripts via the python3 command.
  • Sanitization: There are no explicit instructions or scripts provided to sanitize or escape shell metacharacters in the input before execution.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 27, 2026, 08:48 PM
Security Audit — agent-trust-hub — insta-master