@1892/squadron
Pass
Audited by Gen Agent Trust Hub on Mar 20, 2026
Risk Level: SAFE COMMAND_EXECUTION EXTERNAL_DOWNLOADS PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill generates a bash script to poll an inbox and schedules it for execution.
  - Evidence: Writes to `/data/workspace/scripts/squadron-inbox-poll.sh` and uses `schedule_task` to run the script every 30 minutes.
- [EXTERNAL_DOWNLOADS]: The skill retrieves and sends data to a remote service.
  - Evidence: Connects to `https://community.iamstarchild.com/1892-squadron/api` to sync tasks and knowledge base files.
- [SAFE]: Sensitive credentials are managed through standard environment configurations.
  - Evidence: Instructions prioritize `SQUADRON_API_KEY` from the environment and suggest storing secrets in a `.env` file.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from data retrieved via the Squadron platform.
  - Ingestion points: External data enters through the `/inbox` and `/tasks` API endpoints defined in the skill.
  - Boundary markers: Absent; the skill does not wrap external content in delimiters or specify that instructions within the data should be ignored.
  - Capability inventory: The skill has access to scheduled shell execution, file writing to the knowledge base, and network connectivity.
  - Sanitization: Absent; task titles and descriptions are processed and displayed without escaping or validation.
Audit Metadata