zr-execute
Pass
Audited by Gen Agent Trust Hub on May 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [SAFE]: No malicious code, unauthorized exfiltration patterns, or obfuscation techniques were detected in the skill instructions.
- [COMMAND_EXECUTION]: The skill utilizes the 'probe' CLI tool (vendor-specific to zenon-red) for task and project management, including task retrieval and status updates.
- [INDIRECT_PROMPT_INJECTION]: The skill ingests requirements from an external source via 'probe task get', which could potentially contain malicious instructions intended to manipulate the agent's implementation steps or local command execution. \n
- Ingestion points: Task requirements are fetched using
probe task get <task-id>inSKILL.md. \n - Boundary markers: No specific boundary markers or 'ignore' instructions are used to separate task data from core instructions. \n
- Capability inventory: Local code implementation, test execution, task status updates, and message sending. \n
- Sanitization: No explicit sanitization or validation of the ingested task data is performed.
Audit Metadata