Skills
skills/andreadellacorte/groove/groove-admin-cursor-hooks/Gen Agent Trust Hub

groove-admin-cursor-hooks

Pass

Audited by Gen Agent Trust Hub on Mar 11, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill writes shell scripts to the .groove/hooks/cursor/ directory and uses chmod +x to make them executable. It also modifies the .cursor/hooks.json file to register these scripts as automated hooks triggered by IDE lifecycle events.- [PROMPT_INJECTION]: The context-reprime.sh hook reads the local project file .groove/index.md and injects its content into the AI's session context via the additional_context field. This creates an indirect prompt injection surface if the local project file is modified by untrusted sources.
  • Ingestion points: .groove/index.md (read during the sessionStart hook).
  • Boundary markers: None; the content is passed directly to the model as context without delimiters.
  • Capability inventory: The skill has permission to write and execute scripts and modify IDE configurations.
  • Sanitization: No sanitization or validation of the input file content is performed before injection.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 11, 2026, 09:02 AM