generate-agent-skills

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill executes shell commands like find, du, and cp using variables derived from directory names ({skill-name}). This presents a minor risk of command injection if local directory names are maliciously crafted.
  • [PROMPT_INJECTION] (LOW): Indirect prompt injection surface identified. The skill ingests untrusted data from documentation files to generate metadata and structure maps.
      • Ingestion points: Content within output/{skill-name}/ directories.
      • Boundary markers: Absent; the skill does not use specific delimiters to separate processed content from instructions.
      • Capability inventory: File system manipulation (mkdir, cp, rm), subprocess execution (find, du, wc), and file generation.
      • Sanitization: No sanitization or escaping of file content or paths is performed before processing.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Feb 17, 2026, 06:20 PM