task-implementation

Pass

Audited by Gen Agent Trust Hub on Feb 28, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is instructed to search for and execute arbitrary shell commands found in various repository files including package.json, Makefile, and markdown documentation.
      • Evidence: The process explicitly commands the agent to 'Run linters' and 'Run tests' by extracting commands from CLAUDE.md, .cursorrules, AGENTS.md, AGENT.md, GEMINI.md, README.md, and package.json.
  • [PROMPT_INJECTION]: The skill contains instructions that could lead to indirect prompt injection by processing untrusted data from the repository environment.
      • Ingestion points: The agent reads CLAUDE.md, .cursorrules, AGENTS.md, AGENT.md, GEMINI.md, README.md, package.json, and Makefile to find executable logic.
      • Boundary markers: Absent. No delimiters or instructions are provided to the agent to treat found commands as potentially untrusted or to ignore embedded malicious instructions.
      • Capability inventory: The agent has the capability to execute shell commands (subprocess calls) to perform linting and testing.
      • Sanitization: Absent. The skill does not include any validation or filtering of the commands extracted from the project files before execution.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 28, 2026, 06:04 PM