zsxq-topic
Pass
Audited by Gen Agent Trust Hub on May 19, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill ingests untrusted data from an external social platform (topics, questions, and comments) via
zsxq-topic-detail.mdandzsxq-topic-search.md. This content could contain instructions designed to manipulate the agent. While the skill includes instructions to seek user confirmation before performing actions, it lacks explicit boundary markers (like XML tags or delimiters) to differentiate between user data and system instructions. - [COMMAND_EXECUTION]: The skill relies on the execution of shell commands via the
zsxq-clibinary to perform its functions. These commands are used for searching, viewing, creating, editing, and deleting topics. The skill documentation explicitly requires user confirmation for destructive or public-facing commands, which mitigates the risk of unauthorized execution.
Audit Metadata