smart-router-skill
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses a central router script to execute specific workflow scripts based on user-provided arguments.
- Evidence:
router.shexecutes scripts usingbash "$SCRIPT_PATH" "$MISSION". - Mitigation: The script path and arguments are strictly validated. The character name must match a predefined whitelist (yoda, stark, sherlock), and the mission ID is restricted to the digits 1 or 2 using a regular expression. This prevents arbitrary command injection.
- [SAFE]: The skill does not perform any network operations, access sensitive files, or attempt to persist across sessions.
- [SAFE]: No prompt injection or obfuscation techniques were detected. The themed content, including mentions of 'bypassing protocols' in the Tony Stark workflow, is purely decorative and part of the character role-play output.
Audit Metadata