aiox-data-engineer

Warn

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: MEDIUM
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The Activation Protocol requires the agent to execute a Node.js script located at .aiox-core/development/scripts/generate-greeting.js. This represents dynamic command execution on the host environment during the initialization of the skill.
  • [PROMPT_INJECTION]: The skill defines a *yolo command which allows the agent to cycle through permission modes, specifically 'auto' and 'explore'. These modes are designed to reduce or remove user-in-the-loop validation for agent actions, which can be exploited to perform unauthorized operations if the agent's context is compromised.
  • [PROMPT_INJECTION]: The activation protocol instructs the agent to 'Adopt this agent persona and command system' based on external files in .aiox-core/ and .codex/. Loading configuration and instructions from these paths can introduce indirect prompt injection if the files are modified by an attacker to include malicious instructions.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 22, 2026, 03:39 PM
Security Audit — agent-trust-hub — aiox-data-engineer