Skills
skills/boshu2/agentops/discovery/Gen Agent Trust Hub

discovery

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes local command-line tools to manage the discovery workflow and state.
  • Command List: It uses mkdir for directory setup, ao for searching prior session history, and bd for task/epic management.
  • Vendor Scripts: The skill executes local scripts scripts/checkpoint-commit.sh and scripts/log-telemetry.sh, which are part of the author's environment for persistence and monitoring.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes user input and generated content.
  • Ingestion points: Untrusted data enters via the <goal> parameter in SKILL.md and through pre-mortem reports read from the .agents/council/ directory.
  • Boundary markers: No explicit delimiters or 'ignore' instructions are used when interpolating these variables into shell commands or subsequent skill invocations.
  • Capability inventory: The skill can execute local shell commands and call other functional skills within the agent environment.
  • Sanitization: There is no evidence of input escaping or validation for the data ingested during the workflow orchestration.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 11:53 PM