aiox-squad-creator
Warn
Audited by Gen Agent Trust Hub on Mar 22, 2026
Risk Level: MEDIUMCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a local Node.js script located at
.aiox-core/development/scripts/generate-greeting.jsduring its activation sequence. This represents a capability to execute code logic stored within the project repository. - [PROMPT_INJECTION]: The skill source its 'persona' and 'command system' from an external markdown file (
.aiox-core/development/agents/squad-creator.md). This architecture presents an indirect prompt injection surface. - Ingestion points: Loads operational logic from
.aiox-core/development/agents/squad-creator.mdor.codex/agents/squad-creator.md. - Boundary markers: Absent; there are no specific delimiters or instructions for the agent to ignore embedded commands within the sourced files.
- Capability inventory: The skill has the ability to execute local shell commands (via Node.js) and read local filesystem content.
- Sanitization: Absent; instructions in the 'source of truth' files are adopted directly without filtering or verification steps.
Audit Metadata