zsxq-shared
Pass
Audited by Gen Agent Trust Hub on May 12, 2026
Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of local shell commands using the `zsxq-cli` binary to manage authentication, diagnostics, and API interactions with Knowledge Planet.
- [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection by processing external data from the Knowledge Planet API.
  - Ingestion points: Untrusted data enters the agent context through the output of commands like `zsxq-cli api call` and `zsxq-cli api raw` (SKILL.md).
  - Boundary markers: The instructions lack explicit delimiters or warnings to the agent to disregard instructions that may be embedded within the fetched API data.
  - Capability inventory: The agent has the capability to execute subcommands via `zsxq-cli`, including operations that can create or modify content (SKILL.md).
  - Sanitization: No sanitization or validation logic is specified for the content retrieved from the external API before it is processed by the agent.
Audit Metadata