Skills
skills/jubscodes/get-shit-pretty/gspdev-audit/Gen Agent Trust Hub

gspdev-audit

Pass

Audited by Gen Agent Trust Hub on Apr 11, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local developer-provided test script (dev/scripts/audit-tests.sh) as its primary step to verify framework integrity.
  • [COMMAND_EXECUTION]: The skill invokes the node runtime to perform version verification on package.json and syntax validation on the installer file bin/install.js.
  • [PROMPT_INJECTION]: The skill identifies a surface for indirect prompt injection as it processes the contents of various local files including skills, agents, and templates.
  • Ingestion points: Multiple source files located in gsp/skills/, gsp/agents/, gsp/templates/, as well as CHANGELOG.md, VERSION, and package.json.
  • Boundary markers: Absent; the content is read directly into the agent's context for analysis.
  • Capability inventory: Access to Bash for command execution, Agent for spawning sub-agents, and WebFetch for external requests.
  • Sanitization: None; the skill treats the content of the audited files as data to be grepped and verified.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 11, 2026, 04:01 AM