project-list

Warn

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions include shell-like logic to iterate through the ~/.config/finance-skills/projects/ directory to locate project files.
  • [DATA_EXFILTRATION]: The skill accesses potentially sensitive project data (audit results, M&A details, budget reviews) stored in the user's home configuration directory. While no direct network exfiltration is hardcoded, the agent is directed to process and output this data.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it parses and displays content from project.md files without sanitization. An attacker who can influence the content of these files could manipulate the agent's behavior.
      • Ingestion points: ~/.config/finance-skills/projects/*/project.md
      • Boundary markers: Absent. The skill does not use delimiters or instructions to ignore embedded commands.
      • Capability inventory: Filesystem directory scanning and file reading.
      • Sanitization: Absent. Content is extracted via grep and directly interpolated into the output format.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Jun 16, 2026, 02:26 AM