stack-set
Pass
Audited by Gen Agent Trust Hub on Mar 27, 2026
Risk Level: SAFENO_CODE
Full Analysis
- [NO_CODE]: The skill does not contain any executable code, scripts, or binary assets. It serves entirely as a natural language instruction to the agent.
- [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection by directing the agent to read and follow instructions from a file located at
.agents/workflows/stack-set.md. If this file is part of an untrusted repository, it could contain malicious instructions. - Ingestion points:
.agents/workflows/stack-set.md(local file path) - Boundary markers: Absent; the skill lacks delimiters or instructions to treat the external file as untrusted data.
- Capability inventory: The agent uses its default file-access and command-execution capabilities to perform the tasks defined in the workflow file.
- Sanitization: None; the skill assumes the content of the workflow file is authoritative and safe to follow step-by-step.
Audit Metadata