os-integrations

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, REMOTE_CODE_EXECUTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches task graph data and worker pool configurations from Mozilla's official Taskcluster instance and GitHub repositories (mozilla-releng/fxci-config).
  • [COMMAND_EXECUTION]: The script run_try.py executes git commands to manage temporary branches and ./mach commands within the user's ~/firefox directory to trigger test runs.
  • [REMOTE_CODE_EXECUTION]: Uses the uvx utility to dynamically download and execute the lumberjackth tool for monitoring test progress after a push.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing data from external APIs to construct shell commands.
      • Ingestion points: Fetches JSON task graphs from firefox-ci-tc.services.mozilla.com and job status from lando.services.mozilla.com.
      • Boundary markers: No explicit delimiters or instructions are used to separate untrusted remote data from local command templates.
      • Capability inventory: The skill can execute local binaries (mach, git), perform network operations via httpx/requests, and run tools at runtime via uvx.
      • Sanitization: Implements validation for preset names and uses subprocess argument lists to mitigate direct shell injection, though it lacks deep validation of remote task labels used in queries.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 10:48 PM