skills/el-feo/ai-context/rubycritic/Gen Agent Trust Hub

rubycritic

Pass

Audited by Gen Agent Trust Hub on Mar 10, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The script scripts/check_quality.sh performs shell operations to maintain the environment and run the analyzer. It checks for the existence of commands like ruby and bundle, and uses sed to modify the project's Gemfile to include the rubycritic dependency. It then executes the analysis tool using bundle exec or direct command invocation.
  • [EXTERNAL_DOWNLOADS]: The skill is configured to automatically download the rubycritic gem from the official RubyGems registry if it is missing. This is performed using standard system tools (gem install) or project-level dependency managers (bundle install).
  • [PROMPT_INJECTION]: The skill processes external Ruby source code which may contain instructions in comments or string literals, creating a surface for indirect prompt injection.
      • Ingestion points: Ruby source files analyzed via scripts/check_quality.sh.
      • Boundary markers: Absent; the agent is instructed to review tool output without explicit delimiters for untrusted content.
      • Capability inventory: Shell execution and file modification via scripts/check_quality.sh.
      • Sanitization: None; the agent is instructed to review the raw output of the analysis tool.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 10, 2026, 03:30 AM