PreCommit
Fail
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: HIGH
Findings: EXTERNAL_DOWNLOADS, REMOTE_CODE_EXECUTION, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS / REMOTE_CODE_EXECUTION] (HIGH): In 'Workflows/CIIntegration.md', the skill recommends a piped remote execution pattern ('curl | bash') to install 'tflint' from 'terraform-linters'. As this organization is not on the Trusted Organizations list, recommending the direct execution of its remote scripts is high-risk.
- [REMOTE_CODE_EXECUTION] (HIGH): The primary function of the skill is to configure and install pre-commit hooks that download and run code from third-party GitHub repositories. This creates a significant attack surface where compromised or malicious repositories could achieve execution on the developer machine or CI environment.
- [COMMAND_EXECUTION] (MEDIUM): The skill utilizes local TypeScript tools ('Tools/PreCommitManager.ts') to run shell commands and modify git hooks, which involves interacting with the underlying system shell.
- [PROMPT_INJECTION] (LOW): The skill has an indirect prompt injection surface (Category 8). Ingestion points: Fetches hook configuration data from 'raw.githubusercontent.com' in 'Workflows/AddHooks.md'. Boundary markers: Absent; the skill does not use delimiters or warnings for external data. Capability inventory: Uses 'Tools/PreCommitManager.ts' for command execution and 'Workflows/CustomHook.md' for script generation. Sanitization: Absent; fetched metadata is used to generate local configuration without validation.
Recommendations
- AI detected serious security threats
Audit Metadata