Skills
skills/chmouel/lazyworktree/theme-audit/Gen Agent Trust Hub

theme-audit

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill executes cat, grep, and head to inspect source files. These are standard tools for code auditing and are used within the scope of the skill's stated purpose.
  • [PROMPT_INJECTION] (LOW): The skill reads external data from the filesystem which could contain malicious instructions.
  • Ingestion points: Reads file contents from internal/theme/theme.go and the internal/app/ directory.
  • Boundary markers: No delimiters or instructions are used to separate file content from agent instructions.
  • Capability inventory: The skill can execute shell commands via the ! prefix.
  • Sanitization: There is no filtering or sanitization of the content read from the files.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 01:14 AM