weekly-monthly-report
Pass
Audited by Gen Agent Trust Hub on Jun 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the shell command
find <folder_path> -type f | sortto search and list files within user-specified directories. - [PROMPT_INJECTION]: The skill processes untrusted external data from sources such as DOCX, PDF, and Markdown files to create summarized reports, which presents an indirect prompt injection risk.
- Ingestion points: File reading logic in Sections 1.1 through 1.4 of SKILL.md.
- Boundary markers: No explicit delimiters or instructions are provided to the agent to ignore embedded commands within the ingested files.
- Capability inventory: The skill can execute shell commands (find) and read arbitrary files from the filesystem.
- Sanitization: No sanitization or validation of the processed document content is mentioned.
- [DATA_EXFILTRATION]: The references/report-template.md file includes a hardcoded local file path (/Users/yujian/Documents/monthly/2026一季度总结及二季度规划.docx), which discloses the directory structure and username of the author's local machine.
Audit Metadata