Skills
skills/equinor/fusion-skills/fusion-discover-skills/Gen Agent Trust Hub

fusion-discover-skills

Pass

Audited by Gen Agent Trust Hub on Mar 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the gh CLI and npx for discovery workflows. These are used strictly for read-only operations like searching and listing, with explicit instructions forbidding the execution of fetched scripts or piping remote content to a shell.
  • [EXTERNAL_DOWNLOADS]: The skill references the equinor/fusion-skills repository on GitHub as a source for discovery. This is a trusted vendor-owned resource used for legitimate catalog inspection.
  • [PROMPT_INJECTION]: The skill processes skill definitions and metadata from external sources, which presents a surface for indirect prompt injection.
  • Ingestion points: User queries and repository file contents (SKILL.md) retrieved via gh or mcp_fusion_skills as described in SKILL.md and agents/github-raw-search-advisor.md.
  • Boundary markers: Not explicitly defined for delimiting external metadata.
  • Capability inventory: Shell command execution via gh and npx, alongside MCP tool calls.
  • Sanitization: Instructions in SKILL.md and agents/github-raw-search-advisor.md strictly prohibit the execution of fetched content and restrict shell usage to read-only discovery commands.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 12, 2026, 08:11 AM