tiered-audit

Pass

Audited by Gen Agent Trust Hub on Apr 13, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands that incorporate variables, specifically {base} in SKILL.md (e.g., git log ... {base}..HEAD). If the value of {base} is derived from untrusted input and not properly sanitized before execution, it could lead to command injection.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from the local repository.
      • Ingestion points: Git commit history (messages and metadata) and source code files read during Tier 2 and Tier 3 analysis.
      • Boundary markers: None identified. The instructions do not direct the agent to distinguish between its own operational instructions and instructions that might be embedded within the data being audited (e.g., in commit messages or code comments).
      • Capability inventory: The skill possesses the ability to execute Bash commands, perform file system operations via Read, and use Grep and Glob tools.
      • Sanitization: No evidence of sanitization or escaping of the ingested data is found before the agent processes it.
  • [SAFE]: The skill implements a 'Tier 3 Gate' in modules/tier3-gate.md which requires explicit user confirmation before performing a full codebase audit, helping to prevent unintended high-resource consumption or extensive data access.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 13, 2026, 11:26 PM