skills-updater

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE | COMMAND_EXECUTION | EXTERNAL_DOWNLOADS | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses subprocess.run to execute local git commands for repository management tasks such as fetching, pulling, and checking commit histories.
  • [EXTERNAL_DOWNLOADS]: The skill retrieves data from github.com (for marketplace metadata and commit SHAs) and skills.sh (for trending skill lists) using urllib.request.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted data from external sources that could contain malicious instructions designed to influence the agent's behavior.
      • Ingestion points: scripts/check_updates.py (fetches remote marketplace.json and commit info) and scripts/recommend_skills.py (scrapes HTML from skills.sh).
      • Boundary markers: No explicit delimiters or instructions are provided to the agent to disregard potential instructions embedded in the external data.
      • Capability inventory: The skill possesses the capability to execute shell commands (via git) and suggest installation commands to the user or agent.
      • Sanitization: While the skill uses HTMLParser and regular expressions to extract relevant fields, it does not implement specific sanitization to detect or prevent prompt injection attacks.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 09:42 AM