math
Pass
Audited by Gen Agent Trust Hub on Apr 24, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute scripts such as sympy_compute.py, z3_solve.py, and pint_compute.py. These scripts are run using uv run python with arguments generated from user-provided mathematical queries.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection, specifically command injection, because it interpolates user-supplied strings directly into shell command templates.
  - Ingestion points: Mathematical expressions, equations, and unit conversion requests provided by the user, as seen in the SKILL.md examples.
  - Boundary markers: While double quotes are used around arguments in the provided templates, there are no specific instructions or logic to ensure the agent escapes or sanitizes shell-active characters within those quotes.
  - Capability inventory: The skill utilizes the Bash tool, which provides access to shell execution, and the Write tool, which could be used to modify local script behavior.
  - Sanitization: No sanitization, validation, or escaping requirements are defined for the user input before it is passed to the command line.