project-sync

Pass

Audited by Gen Agent Trust Hub on Apr 7, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local script scripts/sync.ts using the npx tsx command to handle project state operations.
  • [EXTERNAL_DOWNLOADS]: Uses npx to run the script, which may download the tsx runtime from the official npm registry if it is not already cached.
  • [DATA_EXFILTRATION]: Communicates with an external API via HTTP POST, PUT, and GET requests to synchronize project information. The API endpoint is configurable via the SYNC_API_URL environment variable.
  • [PROMPT_INJECTION]: The skill retrieves arbitrary project data from a remote database via the get-project command, which creates a surface for indirect prompt injection.
      • Ingestion points: Data is fetched from the web API and printed to the terminal in scripts/sync.ts, which the agent then reads.
      • Boundary markers: No delimiters or instructions are used to separate retrieved data from the agent's core instructions.
      • Capability inventory: The skill allows for subsequent network writes and state transitions based on the retrieved information.
      • Sanitization: The script performs no sanitization or validation of the data retrieved from the remote database before it enters the agent's context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 7, 2026, 12:57 PM