arl

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructions in references/expert-repos.md direct the agent to execute shell commands, specifically git clone, to download external repositories to a sibling directory (../).
  • [EXTERNAL_DOWNLOADS]: The skill fetches content from several third-party GitHub repositories for analysis, including steveyegge/gastown, glittercowboy/get-shit-done, bgauryy/octocode-mcp, mikeyobrien/ralph-orchestrator, and bmad-code-org/BMAD-METHOD.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by design.
      • Ingestion points: Untrusted source code from external GitHub repositories is cloned and analyzed by specialized agents (references/ARL-agent-instructions.md).
      • Boundary markers: Not present; the instructions do not specify the use of delimiters or safety warnings when processing the external code.
      • Capability inventory: The system has the capability to execute shell commands (git clone) and perform recursive file system reads.
      • Sanitization: None; the agents are instructed to perform deep source code analysis without explicit sanitization or filtering of the input data.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 08:41 AM