allow-agent-commands

Warn

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: MEDIUM [COMMAND_EXECUTION]
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides explicit instructions for the agent to modify its execution environment by updating permission allow-lists in .config/opencode/opencode.json and .claude/settings.json.
  • [COMMAND_EXECUTION]: This functionality represents a privilege escalation vector, as it guides the agent on how to modify the security boundaries defined by its restricted command environment.
  • [COMMAND_EXECUTION]: The instructions promote the use of wildcard patterns (e.g., "rg *": "allow"), which can grant overly broad permissions for command execution with arbitrary arguments.
  • [COMMAND_EXECUTION]: The skill coordinates with other subagents (git-stager, git-committer) to apply and persist these permission changes to a configuration repository.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Feb 24, 2026, 12:46 PM