skills/a2f0/tearleads/preen/Gen Agent Trust Hub

preen

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes numerous shell commands and local utility scripts to automate development workflows, including repository state management, code searching, and pull request lifecycle management.
      • Evidence: Frequent calls to git, gh, pnpm, rg, find, and various local scripts in the ./scripts/ directory for discovery and validation tasks across categories in SKILL.md.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting data from external and local sources that could influence the agent's behavior or output.
      • Ingestion points: GitHub issue titles and bodies via gh issue list and local source code patterns via rg (ripgrep) in SKILL.md.
      • Boundary markers: Absent; there are no clear delimiters used to isolate ingested data from the prompt context.
      • Capability inventory: Significant capabilities including code modification, branch management (git checkout, git push), and automated pull request creation (gh pr create) in SKILL.md.
      • Sanitization: Absent; the skill does not appear to sanitize or escape data retrieved from issues or files before incorporating it into pull request bodies or logs.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 9, 2026, 10:13 PM