skill-share
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [NO_CODE]: The analyzed skill consists solely of the SKILL.md file; no functional code or scripts were included in the submission for review.\n- [PROMPT_INJECTION]: The skill architecture creates a surface for indirect prompt injection by using user-supplied name and description fields to populate generated files and Slack notifications.\n
- Ingestion points: Skill metadata (name and description) provided by the user during the creation process (SKILL.md).\n
- Boundary markers: None are specified in the provided documentation to distinguish user content from instructions.\n
- Capability inventory: The workflow involves file system operations (creating directories and files), zip packaging, and Slack messaging via Rube (SKILL.md).\n
- Sanitization: There is no mention of input validation or sanitization to prevent the inclusion of malicious instructions in the skill metadata.
Audit Metadata