skill-crafting
Pass
Audited by Gen Agent Trust Hub on Mar 2, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides shell command templates and a pre-written bash script intended for structural validation. These commands utilize common utilities like
grep,sed,jq, andwcto analyze local markdown and YAML files for quality assurance. - [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection as it is designed to ingest and iterate upon user-provided skill definitions.
- Ingestion points: Processes new or existing files within the local
skills/directory, specificallySKILL.mdandreferences/guide.md. - Boundary markers: Absent. The skill does not specify the use of delimiters or 'ignore' markers to separate developer instructions from the content of the target skills.
- Capability inventory: Capability to execute local shell commands for file analysis and use interactive tools like
AskUserQuestionto influence agent logic. - Sanitization: Absent. The framework treats skill logic and instructional content as plain text, relying on manual review rather than automated sanitization.
Audit Metadata