weekly-monthly-report

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the shell command find <folder_path> -type f | sort to search and list files within user-specified directories.
  • [PROMPT_INJECTION]: The skill processes untrusted external data from sources such as DOCX, PDF, and Markdown files to create summarized reports, which presents an indirect prompt injection risk.
  • Ingestion points: File reading logic in Sections 1.1 through 1.4 of SKILL.md.
  • Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within the ingested files.
  • Capability inventory: The skill can execute shell commands (find) and read arbitrary files from the filesystem.
  • Sanitization: No sanitization or validation of the processed document content is mentioned.
  • [DATA_EXFILTRATION]: The references/report-template.md file includes a hardcoded local file path (/Users/yujian/Documents/monthly/2026一季度总结及二季度规划.docx), which discloses the directory structure and username of the author's local machine.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 03:24 AM
Security Audit — agent-trust-hub — weekly-monthly-report