kuikly-recomposition-analyzer
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFE
Finding categories: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands to retrieve log files from connected devices. Specific commands for Android (adb), iOS (xcrun), and HarmonyOS (hdc) are provided in 'references/log-retrieval.md'. These commands use placeholders like '<package_name>', which could be vulnerable to command injection if user-provided input is not properly sanitized by the agent platform.
- [PROMPT_INJECTION]: The skill is susceptible to Indirect Prompt Injection (Category 8) as it processes external untrusted data from 'profiler_report.json' and 'profiler_frames.jsonl'.
  - Ingestion points: The agent reads external log files during Phase 0 and Phase 3 of its workflow (specified in 'SKILL.md').
  - Boundary markers: Absent. There are no instructions for the agent to use delimiters or treat the file content as untrusted data.
  - Capability inventory: The skill can execute shell commands ('adb', 'xcrun', 'hdc'), perform file system searches ('Glob'), and write analysis reports to disk.
  - Sanitization: Absent. No validation or escaping of the ingested log data is described before the agent processes it or includes it in the final report.