Skills
skills/fortunto2/solo-factory/solo-skill-audit/Gen Agent Trust Hub

solo-skill-audit

Pass

Audited by Gen Agent Trust Hub on Apr 5, 2026

Risk Level: SAFEPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface because it reads and processes instructions from external, untrusted skill files.
  • Ingestion points: It reads SKILL.md, references/*, scripts/*, and assets/* from the target skills.
  • Boundary markers: No boundary markers or instructions to disregard embedded commands are present in the audit logic.
  • Capability inventory: The skill has access to Read, Grep, Glob, and Bash tools.
  • Sanitization: No sanitization or validation of the ingested skill content is performed.
  • [DATA_EXFILTRATION]: The skill reads from ~/.claude/plugins/ to discover skills. While this path may contain sensitive information about other installed plugins, accessing it is necessary for the skill's primary function of auditing the local plugin environment.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 5, 2026, 09:51 AM