skills/camacho/ai-skills/capture/Gen Agent Trust Hub

capture

Pass

Audited by Gen Agent Trust Hub on Mar 30, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill ingests untrusted natural language input from users in SKILL.md. This input is used to construct shell commands and markdown content, providing a surface for indirect prompt injection.
      • Ingestion points: User-provided free-text description (SKILL.md).
      • Boundary markers: Absent; the input is interpolated directly into command arguments and file templates.
      • Capability inventory: Execution of the gh CLI tool and file writing to ai-workspace/scratchpad.md.
      • Sanitization: None; the skill does not specify any validation or escaping for the user-supplied strings.
  • [COMMAND_EXECUTION]: The skill uses the gh issue create command with arguments derived from user input (--title and --body). If the agent does not properly escape shell metacharacters within the description, an attacker could achieve command injection to execute arbitrary code on the system.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 30, 2026, 08:15 PM