git-submodule

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFE (flagged categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)

Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions for cloning and adding external Git repositories as submodules.
      • Examples include commands like git submodule add https://github.com/example/lib.git and git clone --recursive <repository-url>.
      • References to well-known services like GitHub are used in examples.
  • [COMMAND_EXECUTION]: Multiple instructions involve executing shell commands to manage the filesystem and Git state, including git submodule update, git submodule foreach, and directory removal with rm -rf.
  • [PROMPT_INJECTION]: The skill demonstrates a vulnerability to indirect prompt injection (Category 8).
      • Ingestion points: Untrusted data enters the agent's context through remote Git repositories via git clone, git submodule add, and git submodule update operations described in SKILL.md.
      • Boundary markers: There are no instructions or delimiters defined to prevent the agent from obeying instructions that might be embedded in the files of the downloaded submodules.
      • Capability inventory: The agent is instructed to execute shell commands and modify the local filesystem, providing a surface for malicious instructions to trigger actions.
      • Sanitization: No mechanisms are provided to sanitize or validate the content of the submodules before the agent interacts with them.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 9, 2026, 11:58 AM