skill-neovim-implementation

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes system commands via bash for state management and file manipulation. This includes using jq to parse and update state.json, sed to modify project plan files, and git to commit changes to the repository.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it ingests and processes data from potentially untrusted files.
      • Ingestion points: Content is read from specs/state.json, subagent-generated .return-meta.json, and implementation plan markdown files.
      • Boundary markers: No boundary markers or 'ignore embedded instructions' warnings are present to isolate the processed content.
      • Capability inventory: The skill can execute bash commands, modify project files, and perform git operations.
      • Sanitization: The skill uses jq --arg for some string insertions, but relies on raw variable interpolation for task identifiers and file paths in shell commands and jq filters.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 01:34 AM