setup-gbrain
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTIONDATA_EXFILTRATION
Full Analysis
- [COMMAND_EXECUTION]: The skill extensively uses the
Bashtool to execute administrative utilities and support binaries located in~/.claude/skills/gstack/bin/. These tools manage project state detection, configuration updates, and integration with the agent's runtime environment. This includes the use ofevaland shell sourcing on tool outputs to dynamically load environment-specific metadata. - [EXTERNAL_DOWNLOADS]: The skill facilitates the download and installation of the
gbrainCLI and communicates with the Supabase Management API (api.supabase.com) to provision and manage cloud-hosted database projects. These operations are conducted through local helper scripts and standard system utilities. - [PROMPT_INJECTION]: The instructions include directives that tell the agent to treat the skill's content as executable instructions rather than reference material. This is an intentional pattern within the gstack framework to ensure the agent follows the setup workflow sequentially and accurately.
- [DATA_EXFILTRATION]: The skill processes sensitive information, such as Supabase Personal Access Tokens and database connection strings. It mitigates risk by using interactive prompts for secret collection, employing memory-only environment variables, and explicitly avoiding the persistence of these secrets to disk. Telemetry regarding skill usage is collected but is subject to a user-facing consent process.
Audit Metadata