curation
Pass
Audited by Gen Agent Trust Hub on Apr 9, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses Bash and Grep to verify file formatting and metadata integrity during the maintenance process.
- [PROMPT_INJECTION]: The skill parses content from existing Markdown files to infer metadata like skill names and descriptions. This creates a surface for indirect prompt injection if the files contain malicious instructions, but the risk is significantly mitigated by the human-in-the-loop (HITL) confirmation step required before any write or delete operations.
- [SAFE]: All operations are restricted to the local agent skills directory, and there is no evidence of network exfiltration, hardcoded credentials, or persistence mechanisms.
Audit Metadata