math-router

Warn

Audited by Gen Agent Trust Hub on Mar 23, 2026

Risk Level: MEDIUM
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute shell commands dynamically generated by the math_router.py script. This creates a risk where the agent may execute arbitrary code or system commands if the router returns a malicious string.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by passing untrusted user-provided math requests directly into a command-line routing workflow.
  • Ingestion points: User input is ingested via the command-line argument to scripts/cc_math/math_router.py as shown in SKILL.md.
  • Boundary markers: No boundary markers or instructions to ignore embedded commands are present in the skill definition.
  • Capability inventory: The skill leverages uv run python to execute local scripts like math_router.py and sympy_compute.py with full shell access.
  • Sanitization: No sanitization or validation of the user input is described in the skill documentation, making the security of the operation dependent on the opaque implementation of the router script.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Mar 23, 2026, 09:04 AM
Security Audit — agent-trust-hub — math-router