agent-discovery

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection by reading external markdown files that define agents.
  • Ingestion points: Reads agent definitions from .claude/agents/*.md and ~/.claude/agents/*.md (SKILL.md).
  • Boundary markers: The skill does not use delimiters or instructions to ignore embedded commands when parsing these files.
  • Capability inventory: The skill has access to Bash, Read, and Grep tools (SKILL.md).
  • Sanitization: No evidence of validation or filtering of external file content is present.
  • [COMMAND_EXECUTION]: The skill uses ls and grep via Bash to discover and parse files in user and project directories. This behavior is consistent with the stated purpose of agent discovery.
  • [EXTERNAL_DOWNLOADS]: The install_command in the metadata fetches the skill definition from a GitHub repository using curl. This is a standard installation pattern and uses a well-known service (GitHub).
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 10:11 AM