fish-functions
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill provides instructions for creating and testing Fish shell functions using the fish -c command. This functionality is essential for its primary purpose of shell environment development and customization.
- [PROMPT_INJECTION]: The skill represents a surface for indirect prompt injection as it involves generating executable shell scripts from user-provided instructions. This risk is inherent to the skill's primary function of code generation. The documentation includes safety guidance recommending manual user testing of the generated functions rather than automated execution by the agent.
- [EXTERNAL_DOWNLOADS]: Examples within the skill's documentation reference the installation of well-known and trusted command-line utilities such as gum, ffmpeg, and imagemagick using standard system package managers like Homebrew.
Audit Metadata