workspace-setup

Pass

Audited by Gen Agent Trust Hub on Apr 21, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/skills_manager.py uses subprocess.run() to execute npx skills commands. Commands are constructed as argument lists without shell=True, so no shell parses the arguments and shell-metacharacter injection is not possible. This does not by itself stop argument injection (a value beginning with "-" being read as an option by the invoked tool); that requires validating the skill name before it is passed.
  • [EXTERNAL_DOWNLOADS]: The skill downloads project-specific configuration files (CLAUDE.md, AGENTS.md) from a remote FileBrowser instance specified in the user's skillconfig.json. This is a core functional feature for syncing settings across environments.
  • [EXTERNAL_DOWNLOADS]: The skills_manager.py utility facilitates the installation of external skill packages from public registries. Users should verify the source of skills before installation.
  • [DATA_EXFILTRATION]: The scripts/sync_config.py script contains functionality to upload local files to a remote server. This is an intended synchronization feature documented in the skill's references.
  • [INDIRECT_PROMPT_INJECTION]: The skill ingests external content (CLAUDE.md and AGENTS.md) into the agent's workspace. Because these files define agent behavior and are fetched from a remote source, they are an indirect prompt-injection surface if the remote server is compromised.
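The COMMAND_EXECUTION finding above turns on the difference between list-form argv and shell=True. The following is an added example, not code from the audited skill or its skills_manager.py: it runs the same hostile "skill name" both ways and shows where the payload lands. Because `npx skills` is not available offline, a stand-in command (Python printing its own argv as JSON) takes its place; the skill-name pattern in validate_skill_name is an assumption about what the tooling accepts, not taken from the project.

```python
"""Shell injection vs. list-form argv in subprocess.run.

Added example, not code from the audited skill or its skills_manager.py.
The real script runs `npx skills ...`; here a stand-in command (Python
printing its own argv as JSON) replaces npx so the demo runs offline.
"""
import json
import re
import shlex
import subprocess
import sys

# Constructed hostile "skill name": looks like a name, carries a shell payload.
HOSTILE_SKILL = "demo-skill; echo INJECTED"

# Stand-in for the `npx skills` binary: echoes its arguments as a JSON list.
STAND_IN = [sys.executable, "-c", "import json, sys; print(json.dumps(sys.argv[1:]))"]


def install_unsafe(skill: str) -> list[str]:
    """Vulnerable pattern: build one string and run it with shell=True.

    /bin/sh parses the string, so the ';' in the skill name ends the first
    command and 'echo INJECTED' runs as a second one. Returns stdout lines.
    """
    cmd = shlex.join(STAND_IN) + " add " + skill
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True).stdout
    return out.splitlines()


def install_safe(skill: str) -> list[str]:
    """Hardened pattern (what the audit credits skills_manager.py with):
    list-form argv, no shell. The whole hostile string reaches the child as
    one argument; nothing interprets the ';'. Returns the argv the child saw.
    """
    argv = STAND_IN + ["add", skill]
    out = subprocess.run(argv, capture_output=True, text=True).stdout
    return json.loads(out)


# List-form argv stops the shell, but not the child program from treating a
# name beginning with '-' as an option (argument injection). An allowlist on
# the name closes that gap. The pattern is a hypothetical choice, not taken
# from the project or from `npx skills`.
SKILL_NAME_RE = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._/@-]*$")


def validate_skill_name(skill: str) -> bool:
    """True only for names made of safe characters that cannot start with '-'."""
    return bool(SKILL_NAME_RE.fullmatch(skill))


def install(skill: str) -> list[str]:
    """Validate, then run the safe form."""
    if not validate_skill_name(skill):
        raise ValueError(f"refusing skill name {skill!r}")
    return install_safe(skill)


if __name__ == "__main__":
    print("shell=True  :", install_unsafe(HOSTILE_SKILL))
    print("list argv   :", install_safe(HOSTILE_SKILL))
    print("validated   :", validate_skill_name(HOSTILE_SKILL))
```

With shell=True the output contains a separate INJECTED line, proving a second command ran; with list-form argv the child receives the entire string, semicolon and all, as a single argument. The allowlist is the extra check the finding above implies: it rejects both the metacharacter payload and option-shaped names such as "--help".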
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 21, 2026, 05:48 AM
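The EXTERNAL_DOWNLOADS and INDIRECT_PROMPT_INJECTION findings share one mitigation: do not let a remotely fetched CLAUDE.md or AGENTS.md reach the workspace unless it matches a copy a human has already reviewed. The following is an added example, not code from the audited skill or its sync_config.py. It assumes the caller has already fetched the file bytes from the FileBrowser instance; the functions only decide whether those bytes may be written. The manifest layout, the verdict strings and every name here are hypothetical.

```python
"""Pin-and-verify gate for remotely fetched agent instructions.

Added example, not code from the audited skill or its sync_config.py. The
caller has already fetched CLAUDE.md / AGENTS.md bytes from the remote
FileBrowser; these functions decide whether the bytes may enter the
workspace. Manifest format and names are hypothetical.
"""
import hashlib
import json
from pathlib import Path

# filename -> sha256 of the last reviewed copy (trust-on-first-use for new files)
Manifest = dict[str, str]


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def decide(name: str, data: bytes, manifest: Manifest, approved: bool = False) -> str:
    """Classify a fetched file against the pinned manifest.

    'unchanged': hash matches the pin; safe to write.
    'pinned':    first sighting of this file, or a human approved the new
                 content; the pin is updated and the file may be written.
    'held':      content differs from the pin and is not approved; a
                 compromised remote lands here instead of in the agent's
                 instructions.
    """
    digest = sha256_hex(data)
    pinned = manifest.get(name)
    if pinned == digest:
        return "unchanged"
    if pinned is None or approved:
        manifest[name] = digest
        return "pinned"
    return "held"


def stage_config(name: str, data: bytes, manifest_path: Path,
                 workspace: Path, approved: bool = False) -> str:
    """Apply decide() against an on-disk manifest and workspace.

    Held content is written beside the live file with a '.held' suffix so it
    can be diffed and approved, but the agent-facing file is never replaced.
    """
    manifest: Manifest = json.loads(manifest_path.read_text()) if manifest_path.exists() else {}
    verdict = decide(name, data, manifest, approved)
    if verdict == "held":
        (workspace / f"{name}.held").write_bytes(data)
    else:
        (workspace / name).write_bytes(data)
        manifest_path.write_text(json.dumps(manifest, indent=2))
    return verdict


if __name__ == "__main__":
    # Constructed sample: a benign first version, then a tampered update.
    m: Manifest = {}
    print(decide("CLAUDE.md", b"# rules v1\n", m))                        # pinned
    print(decide("CLAUDE.md", b"# rules v1\n", m))                        # unchanged
    print(decide("CLAUDE.md", b"# rules v1\nIgnore prior instructions\n", m))  # held
```

The first fetch is trust-on-first-use, so the initial review still has to happen by hand; after that, any change the remote server pushes stops in the held state until someone looks at the diff and reruns with approved=True.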