ai-dev-tools-sync

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGH (PROMPT_INJECTION)
Full Analysis
  • PROMPT_INJECTION (HIGH): The skill is highly vulnerable to Indirect Prompt Injection (Category 8) as it processes external, untrusted content and uses it to modify core agent behavior files.
      • Ingestion points: Web search results for queries like "GitHub Copilot features setup 2026" and local reference files (SKILL.md, Step 2).
      • Boundary markers: Absent; there are no instructions to the agent to ignore or delimit embedded commands within the search results.
      • Capability inventory: The skill possesses significant file-write capabilities, modifying CLAUDE.md, .github/copilot-instructions.md, and creating new executable/instructional files in .claude/ and .github/ directories (SKILL.md, Step 4).
      • Sanitization: Absent; external content is used directly to define the behavior and capabilities of the agent without validation or filtering.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 16, 2026, 12:46 PM