yao-interpreter-skill
Pass
Audited by Gen Agent Trust Hub on Jun 18, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The
examples/risky_skill/directory contains sample files designed to test the analyzer's detection capabilities. These files include common injection phrases like 'Ignore previous instructions' and 'do not tell the user what happens.' Analysis confirms these are static test fixtures used for internal validation and are never treated as authoritative instructions for the agent. - [COMMAND_EXECUTION]: The skill includes a testing script,
scripts/smoke_test.py, which usessubprocess.runto execute the skill's own analysis engine on sample directories. This usage is restricted to automated testing of the skill's core functionality. - [DATA_EXFILTRATION]: Malicious code patterns, such as commands attempting to exfiltrate API keys via
curl, are found within theexamples/risky_skill/scripts/directory. These are intentionally included as 'Red Team' data fixtures to verify that the scanner correctly identifies and reports such threats in target skills. - [EXTERNAL_DOWNLOADS]: The skill's analysis logic and documentation reference public repositories under the author's organization (e.g.,
github.com/yaojingang/) for version checking and as example targets. These references follow standard vendor patterns and involve well-known developer services.
Audit Metadata