Skills
skills/eins78/skills/bye/Gen Agent Trust Hub

bye

Pass

Audited by Gen Agent Trust Hub on Feb 26, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Utilizes shell commands like pwd, tr, and sed to resolve project-specific paths and searches internal directories such as ~/.claude/projects/ and ~/.claude/plans/ using ls and grep.
  • [DATA_EXFILTRATION]: Facilitates git push to remote repositories. While the skill's logic explicitly forbids committing .env files or credentials, the automated nature of pushing local content constitutes a potential data leakage vector.
  • [PROMPT_INJECTION]: Operates on historical conversation data stored in .jsonl and plan files, which presents an indirect prompt injection surface. Embedded instructions in previous conversation segments could potentially be interpreted as active commands during history reconstruction.
  • Ingestion points: Files at ~/.claude/projects/ and ~/.claude/plans/.
  • Boundary markers: Uses User: and Agent: prefixes to identify speaker turns but lacks strict sandboxing for the extracted text.
  • Capability inventory: Command execution, file writing, and Git operations.
  • Sanitization: Does not explicitly implement sanitization for data extracted from logs.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 26, 2026, 12:48 AM