orient
Warn
Audited by Gen Agent Trust Hub on Mar 8, 2026
Risk Level: MEDIUMEXTERNAL_DOWNLOADSREMOTE_CODE_EXECUTIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill uses the uvx utility to download the third-party showboat package from the official Python Package Index (PyPI).
- [REMOTE_CODE_EXECUTION]: The showboat package is executed at runtime to manage the orientation document lifecycle, including initialization and verification.
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute various system commands such as find, git, and uvx, and employs the Write tool to create local directories and documentation files.
- [PROMPT_INJECTION]: The skill reads and processes untrusted repository content, presenting an indirect prompt injection surface. Ingestion points: Repository manifest files, READMEs, and source code modules read during exploration. Boundary markers: No specific boundary markers or instructions to ignore embedded commands are present. Capability inventory: Access to Bash, Write, and uvx allows the agent to execute commands and modify the local filesystem based on processed content. Sanitization: No evidence of sanitization or validation of the ingested repository content is provided before it is used for synthesis or command planning.
Audit Metadata