Skills
skills/bjornmelin/dev-skills/opensrc-inspect/Gen Agent Trust Hub

opensrc-inspect

Pass

Audited by Gen Agent Trust Hub on Mar 19, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses a custom CLI tool named opensrc to manage local snapshots and fetch repository contents.- [EXTERNAL_DOWNLOADS]: The skill fetches source code from external, untrusted sources including GitHub, PyPI, and Crates.io.- [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface when processing external source code.
  • Ingestion points: External code is fetched into the opensrc/ directory for inspection (identified in SKILL.md).
  • Boundary markers: The instructions advise using --modify=false and treating files as read-only, but do not provide explicit delimiters or instructions for the agent to ignore natural language commands found within the code files.
  • Capability inventory: The agent can read fetched files and execute commands via the opensrc tool and other available skills (identified in SKILL.md and agents/openai.yaml).
  • Sanitization: No sanitization or filtering of the content is performed before the agent reads and analyzes the downloaded source code.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 19, 2026, 04:55 AM