Skills
skills/diegosouzapw/awesome-omni-skill/fix-bug/Gen Agent Trust Hub

fix-bug

Pass

Audited by Gen Agent Trust Hub on Mar 17, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands including cargo run, cargo test, git, and gh to perform its bug-fixing workflow. These capabilities are consistent with the skill's primary purpose.
  • [EXTERNAL_DOWNLOADS]: The installation command in metadata.json retrieves the skill's definition from GitHub (raw.githubusercontent.com), which is a well-known and trusted source for code distribution.
  • [PROMPT_INJECTION]: The skill processes untrusted data from GitHub issues (gh issue view) and compiler error messages without explicit sanitization or boundary markers, making it vulnerable to indirect prompt injection.
  • Ingestion points: External GitHub issue descriptions and local Rust error messages (SKILL.md).
  • Boundary markers: Absent; there are no delimiters separating external data from instructional context.
  • Capability inventory: Shell execution (cargo run/test), file modification, and repository operations (git push, PR creation) (SKILL.md).
  • Sanitization: Absent; external data is incorporated directly into the agent's reasoning process.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 17, 2026, 05:56 AM