creating-skills
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- COMMAND_EXECUTION (LOW): The skill utilizes the '!' directive in SKILL.md to execute shell commands such as 'git log' and 'git rev-parse' at load time. These are standard development tools and are used here to provide project context to the agent.
- PROMPT_INJECTION (LOW): The skill documents an indirect prompt injection surface through its support for string substitution and context injection features. (1) Ingestion points: User-provided arguments ($1, $ARGUMENTS) and external tool outputs (e.g., from 'gh issue view') are interpolated into the prompt. (2) Boundary markers: No delimiters or isolation warnings are shown in the examples to protect against embedded instructions in external data. (3) Capability inventory: The skill documents the use of the Bash tool for command execution and file operations. (4) Sanitization: No sanitization, escaping, or validation of interpolated data is demonstrated in the examples.
Audit Metadata