reference-searcher
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [PROMPT_INJECTION]: The skill defines a workflow for processing untrusted data from GitHub and web searches, creating an indirect prompt injection surface. This is inherent to the skill's primary purpose of reference searching.
  - Ingestion points: External data entering via web search and GitHub code search results as described in SKILL.md.
  - Boundary markers: None specified for separating search results from agent instructions.
  - Capability inventory: Suggestions to use the GitHub CLI (gh) for read-only searches and web search tools.
  - Sanitization: No explicit sanitization or validation of the retrieved external content is mentioned.
- [COMMAND_EXECUTION]: Includes instructional examples for using the GitHub CLI (gh) to perform code searches. These commands are limited to information gathering and do not pose a risk of system modification or dangerous execution.