vibe-continue

Pass

Audited by Gen Agent Trust Hub on Mar 15, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes read-only git and gh (GitHub CLI) commands, such as git branch --show-current, git status --short, and gh pr view, to retrieve deterministic facts about the workspace. These commands are standard for developer-oriented agents and are used solely for environment inspection.
  • [PROMPT_INJECTION]: The skill reads external task data from files like .agent/context/task.md and vibe/registry.json to restore context, which creates an indirect prompt injection surface.
      • Ingestion points: .agent/context/task.md, vibe/registry.json, and vibe/tasks/task.json.
      • Boundary markers: None.
      • Capability inventory: Environment inspection via git and gh.
      • Sanitization: None detected.
    While this allows external data into the prompt context, the risk is inherent to the skill's purpose of context restoration and the usage is focused on status reporting rather than command generation.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 15, 2026, 03:09 PM