Skills
skills/333-333-333/agents/skill-sync/Gen Agent Trust Hub

skill-sync

Pass

Audited by Gen Agent Trust Hub on Mar 13, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes metadata from other files in the skills/ directory and propagates it into documentation. While this is the intended purpose, it establishes a data flow where instructions from one skill's metadata could reach the agent's primary instruction files.\n
  • Ingestion points: Reads metadata.description and metadata.auto_invoke from all SKILL.md files in the repository.\n
  • Boundary markers: Uses HTML comments to mark the start and end of generated sections in AGENTS.md.\n
  • Capability inventory: Requires Read, Edit, Write, and Bash permissions to update files.\n
  • Sanitization: Metadata content is extracted and placed into markdown tables without additional escaping or instruction-boundary wrappers.\n- [COMMAND_EXECUTION]: Employs bash scripts (sync.sh, sync_test.sh) for file system operations and string manipulation via awk, sed, and find. All operations are performed locally within the repository scope.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 13, 2026, 07:03 AM