sync-template

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFE | EXTERNAL_DOWNLOADS | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches the blogic-cz/blogic-template-ts repository from GitHub via the opensrc utility. This is a vendor-owned resource used as a local source for comparison during the sync process.
  • [COMMAND_EXECUTION]: Executes multiple CLI tools including git, gh, bun, grep, and diff (SKILL.md). These tools are used for repository status discovery, file diffing, environment checks, and running project-level quality checks.
  • [PROMPT_INJECTION]: Identifies a surface for indirect prompt injection (Category 8). The skill processes untrusted data from an external repository to generate migration plans and apply changes.
      • Ingestion points: Source files within opensrc/repos/github.com/blogic-cz/blogic-template-ts/ (SKILL.md).
      • Boundary markers: Absent; the skill does not implement delimiters or safety instructions to distinguish template content from agent instructions.
      • Capability inventory: Includes git commit, bun run check, bun run test, and the generation of execution plans in .sisyphus/plans/ (SKILL.md).
      • Sanitization: Absent; there is no explicit validation or sanitization of the template content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 12, 2026, 05:48 AM