lazy-skill
Pass
Audited by Gen Agent Trust Hub on May 13, 2026
Risk Level: SAFE
Full Analysis
- [INDIRECT_PROMPT_INJECTION]: The skill functions as a loader for external markdown files, creating an ingestion point for instructions contained within those files. While this is the intended functionality, it constitutes an indirect prompt injection surface if malicious content is present in the local library.
- Ingestion points: Reads SKILL.md and README.md files from local directories such as ~/.agents/lazy-skills/.
- Boundary markers: No specific delimiters or safety instructions are used to wrap the loaded content.
- Capability inventory: The skill utilizes a file reading tool; the loaded skills may introduce further capabilities.
- Sanitization: No content validation or sanitization is performed on the ingested text.
- [DYNAMIC_EXECUTION]: The skill dynamically constructs and resolves file paths to load skill content based on user input and environment variables. This core feature includes recursive file system searches within local skill collections.
Audit Metadata