skills/andreadellacorte/groove/daily/Gen Agent Trust Hub

daily

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill implements a hook mechanism in commands/start.md and commands/end.md that reads and executes instructions from .groove/hooks/start.md and .groove/hooks/end.md. This constitutes an indirect prompt injection surface.
      • Ingestion points: Hook files located at .groove/hooks/start.md and .groove/hooks/end.md.
      • Boundary markers: No explicit delimiters or safety instructions are used when parsing the content of these files.
      • Capability inventory: The agent utilizes Read, Write, Edit, and Bash(git:*) tools to carry out hook instructions.
      • Sanitization: The skill does not validate or sanitize the list of actions retrieved from the hook files before execution.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute git rev-parse --show-toplevel. While restricted to the git binary, this is an execution of an external process to determine environment context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 12:28 PM