groove-daily-start

Warn

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the Bash(git:*) tool to execute git log commands. This is used to retrieve commit history for the daily review. The execution is restricted to the git binary.
  • [DYNAMIC_EXECUTION]: The skill implements a hooks system where it checks for the existence of .groove/hooks/start.md and is instructed to 'execute each item' found in the ## Actions section. This allows the agent's behavior to be modified at runtime based on the contents of a local file.
  • [INDIRECT_PROMPT_INJECTION]: The skill is vulnerable to instructions embedded in local configuration files.
      • Ingestion points: The skill reads instructions from .groove/hooks/start.md and configuration parameters from .groove/index.md.
      • Boundary markers: Absent. The skill does not use delimiters or instructions to ignore potential injections within the hook file.
      • Capability inventory: The skill possesses Read, Write, Edit, and Bash(git:*) capabilities, which can be leveraged by instructions found in the hook file.
      • Sanitization: Absent. There is no validation or filtering of the actions defined in the hook file before execution.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 10, 2026, 09:03 AM