Skills
skills/everyinc/every-marketplace/slfg/Gen Agent Trust Hub

slfg

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted user input via the $ARGUMENTS variable which is interpolated directly into the /ce:plan command in SKILL.md.
  • Ingestion points: User-provided $ARGUMENTS in SKILL.md
  • Boundary markers: Absent
  • Capability inventory: /ce:work (code generation), /ce:review (checkout mutation and autofix)
  • Sanitization: Absent
  • [COMMAND_EXECUTION]: The skill defines an autonomous workflow with high-privilege capabilities including the ability to 'mutate the checkout' and 'apply safe_auto fixes' via the /ce:review command. Because these actions are driven by the output of the planning phase, which is itself influenced by untrusted user arguments, there is a risk of indirect command execution or unauthorized file system modification if the input is maliciously crafted.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 28, 2026, 01:14 AM