skill-compare
Pass
Audited by Gen Agent Trust Hub on Mar 1, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes an internal Node.js script (
compare.mjs) located within the plugin's root directory. This script handles the core comparison logic using arguments provided by the user and is a legitimate use of command execution for the skill's primary purpose. - [PROMPT_INJECTION]: Includes an instruction for the agent to display the script's output without modification. This is a formatting directive intended to preserve the technical accuracy of the diff and metrics, and it does not attempt to bypass safety filters or override system instructions.
Audit Metadata