readable-output

Warn

Audited by Gen Agent Trust Hub on May 18, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute the open <path> shell command to display generated HTML files. The file path is dynamically constructed using user-supplied content (docs/[内容主题]-[YYYYMMDD].html). If the user provides input containing shell metacharacters (e.g., ;, &&, or backticks), it could lead to command injection depending on how the underlying platform handles tool execution.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it is designed to summarize and organize potentially untrusted data from the user (e.g., "summarize this pile", "do a review").
      • Ingestion points: User content provided when triggering the skill (summaries, reports, reviews).
      • Boundary markers: The skill lacks explicit instructions to wrap user data in delimiters or to ignore instructions embedded within the processed text.
      • Capability inventory: The skill uses AskUserQuestion, writes files to the local file system, and executes the open command.
      • Sanitization: No sanitization or escaping of the user-provided content is specified before processing or file naming.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: May 18, 2026, 08:53 AM