agent-manager-skill

Fail

Audited by Gen Agent Trust Hub on Feb 21, 2026

Risk Level: HIGH
EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (HIGH): The skill requires cloning a repository from github.com/fractalmind-ai, which is not an organization included in the [TRUST-SCOPE-RULE] list.
  • REMOTE_CODE_EXECUTION (HIGH): The instructions prompt the user to execute Python scripts (scripts/main.py) directly from the cloned untrusted repository, a classic 'download and execute' pattern.
  • COMMAND_EXECUTION (MEDIUM): The skill manages and monitors local CLI agents via tmux sessions and Python subprocesses, creating a significant surface for command execution. It also mentions 'cron-friendly' scheduling, suggesting persistence capabilities.
  • PROMPT_INJECTION (LOW): The assign command uses a heredoc to pass instructions to agents, creating a surface for indirect prompt injection.
      1. Ingestion points: assign command heredoc in SKILL.md.
      2. Boundary markers: Absent.
      3. Capability inventory: python3 script execution and tmux session management.
      4. Sanitization: Absent.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level: HIGH
Analyzed: Feb 21, 2026, 10:28 AM