Skills
skills/ctsstc/get-shit-done-skills/gsd-verifier/Gen Agent Trust Hub

gsd-verifier

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to run local utilities such as ls, cat, grep, and wc. These commands are used for structural verification of the codebase, such as checking for file existence, verifying line counts, and detecting stub patterns.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface. It reads and parses untrusted data from project files to derive verification goals. 1. Ingestion points: Reads files from .planning/ directory and the wider project source code (e.g., PLAN.md, ROADMAP.md). 2. Boundary markers: No delimiters or 'ignore embedded instructions' warnings are present. 3. Capability inventory: The agent uses Bash, Read, Grep, and Glob tools to interact with the file system. 4. Sanitization: No evidence of sanitization or validation of the content extracted from the codebase before it influences the agent's logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 15, 2026, 12:50 PM