dag-skill-registry

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill is designed to load and process external metadata from the file system, creating a vulnerability surface where malicious instructions in external files could influence the agent's behavior.
  • Ingestion points: The loadRegistry function in SKILL.md uses glob and readFile to ingest content from any **/SKILL.md file found in the provided paths.
  • Boundary markers: The provided code does not show the use of delimiters or specific instructions to the agent to ignore natural language commands embedded within the skill metadata.
  • Capability inventory: The skill is granted powerful file system tools: Read, Write, Edit, Glob, and Grep.
  • Sanitization: No sanitization or content validation logic is present in the loading or parsing snippets to filter out executable instructions or malicious prompts within the loaded metadata.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:04 PM