Skills
skills/bryantleft/bruhs-skill/bruhs/Gen Agent Trust Hub

bruhs

Pass

Audited by Gen Agent Trust Hub on Feb 19, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • REMOTE_CODE_EXECUTION (LOW): The skill uses npx and pnpm create to fetch and execute external packages. This is a standard part of its scaffolding and MCP integration functionality but involves executing code from unverified sources.
  • PROMPT_INJECTION (LOW): The skill's /bruhs peep and /bruhs cook commands ingest external data from GitHub PR comments and Linear tickets. This creates an indirect prompt injection surface where a malicious user could potentially influence agent behavior through these comments.
  • Ingestion points: GitHub PR comments (gh api), Linear ticket descriptions.
  • Boundary markers: Absent. No specific delimiters or warnings are used to isolate untrusted data.
  • Capability inventory: The agent has permission to execute shell commands (git, gh), write to the filesystem, and perform network requests via MCP.
  • Sanitization: Absent. External text is processed directly within the agent context.
  • COMMAND_EXECUTION (SAFE): Extensive use of git and gh is core to the skill's purpose and appears to be implemented using safe, standard patterns.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 19, 2026, 12:54 PM