skills/alemar11/skills/skill-audit/Gen Agent Trust Hub

skill-audit

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE · COMMAND_EXECUTION · DATA_EXFILTRATION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git log and rg (ripgrep) to analyze skill history and search through memory files. These commands are executed locally on the user's filesystem.
  • [DATA_EXFILTRATION]: The skill accesses historical session data and memory files (e.g., ~/.codex/sessions, ~/.agents/memories). While no network-based exfiltration was found, the skill reads potentially sensitive private data as part of its core auditing function.
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected.
      • Ingestion points: SKILL.md, agents/openai.yaml, MEMORY.md, and session JSONL files are read from the local system.
      • Boundary markers: No explicit markers or instructions were found to delimit untrusted content from those files.
      • Capability inventory: The skill uses git log, ripgrep, and broad file system read access.
      • Sanitization: There is no evidence of content sanitization, escaping, or validation before the ingested data is processed by the agent.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 28, 2026, 11:22 AM