Skills
skills/jwynia/agent-skills/shared-world/Gen Agent Trust Hub

shared-world

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The scripts build-index.ts and check-conflicts.ts import the walk module from https://deno.land/std@0.208.0/fs/walk.ts. This is an external dependency, although it comes from the official Deno standard library repository.
  • [PROMPT_INJECTION] (LOW): The skill is vulnerable to indirect prompt injection because it reads and parses untrusted markdown content from files in build-index.ts and check-conflicts.ts without using boundary markers or sanitization. If an agent interprets the resulting summaries or metadata as instructions, malicious content could influence its behavior. Evidence Chain: 1. Ingestion points: scripts/build-index.ts (parseEntry) and scripts/check-conflicts.ts (scanFile) read markdown files. 2. Boundary markers: Absent in the parsing logic. 3. Capability inventory: The skill possesses file system read and write permissions (--allow-read, --allow-write). 4. Sanitization: None is performed on the extracted strings.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 05:32 PM