using-grove
Pass
Audited by Gen Agent Trust Hub on Feb 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: Executes local system commands including git, test, and the grove CLI to manage development workspaces and verify repository state.
- [EXTERNAL_DOWNLOADS]: Directs users to the author's GitHub repository (github.com/chrisbanes/grove) for the installation of the Grove CLI tool. This is a vendor-owned resource and is considered safe.
- [REMOTE_CODE_EXECUTION]: Dynamically executes test suites based on detected repository markers (e.g., gradlew, npm, pytest). While this executes code from the local workspace, it is the intended functionality for project validation.
- [PROMPT_INJECTION]: The skill has a surface for indirect prompt injection by parsing JSON output from the grove CLI.
- Ingestion points: SKILL.md (Step 3: Parsing JSON output for path and id).
- Boundary markers: Absent.
- Capability inventory: SKILL.md (Step 4 & 5: Directory navigation and test execution).
- Sanitization: Absent.
Audit Metadata