Skills
skills/bsamiee/parametric_forge/command-builder/Gen Agent Trust Hub

command-builder

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [INDIRECT_PROMPT_INJECTION] (LOW): The skill instructs the agent to read and follow instructions from multiple external files.
  • Ingestion points: index.md, workflow.md, variables.md, hints.md, and the style-standards skill as defined in the 'Tasks' section of SKILL.md.
  • Boundary markers: Absent. The instructions do not specify any delimiters or warnings to ignore instructions found within these files.
  • Capability inventory: The skill explicitly enables and describes the use of high-privilege tools including Bash, Read, Write, Edit, and Task.
  • Sanitization: Absent. There is no mention of validating or sanitizing the content retrieved from the referenced files before processing.
  • [COMMAND_EXECUTION] (SAFE): The skill documentation describes how to use the Bash tool and !command syntax for shell execution. While these are powerful capabilities, they are the primary intended purpose of the skill (building developer commands) and do not appear to be used maliciously within this context.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 01:31 PM