add-check
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [Indirect Prompt Injection] (LOW): The skill defines templates for modifying CI/CD and build tool configurations (justfile, GitHub Actions, Lefthook). While the skill itself is passive documentation, an agent using these templates with unvalidated external input for the `YOUR_COMMAND` placeholder could inadvertently introduce malicious commands into the build pipeline. Mandatory Evidence Chain:
  - Ingestion points: Instructions for the agent to take `YOUR_COMMAND` from user/external context and insert into config files.
  - Boundary markers: None present in the templates.
  - Capability inventory: File-write access to sensitive configurations (.github/workflows/ci.yaml, justfile, lefthook.yml).
  - Sanitization: None specified; relies on the agent's internal safety filters.
- [Malicious Patterns] (SAFE): No evidence of prompt injection, obfuscation, or data exfiltration attempts.
- [Privilege Escalation] (SAFE): While the skill involves modifying high-privilege files (CI workflows), it does so within the context of a developer tool and does not attempt to bypass system permissions or use `sudo`.