skills/synkraai/aiox-core/aiox-pm/Gen Agent Trust Hub

aiox-pm

Warn

Audited by Gen Agent Trust Hub on Mar 16, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill's activation protocol requires running a local Node.js script: node .aiox-core/development/scripts/generate-greeting.js pm. This allows for local code execution based on the contents of the repository.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection through commands designed to process untrusted data.
      • Ingestion points: Stakeholder inputs and existing project files are ingested via *gather-requirements and *create-brownfield-prd.
      • Boundary markers: There are no specified delimiters or instructions to isolate external data from the system prompt.
      • Capability inventory: The skill has the capability to execute local scripts using Node.js.
      • Sanitization: No sanitization or validation methods are mentioned for handling external content.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 16, 2026, 11:45 PM