zsh-style-guide
Pass
Audited by Gen Agent Trust Hub on Feb 28, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill directs the agent to execute internal Python scripts (`scripts/resolve_style_guides.py` and `scripts/validate_trigger_matrix_sync.py`) to manage trigger logic and ensure consistency within the skill set.
- [COMMAND_EXECUTION]: The skill includes a Quality Gate Command Matrix which specifies numerous commands for the agent to execute, including package managers and test runners like `npm`, `cargo`, `dotnet`, `ruff`, and `pytest`.
- [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection as it processes and refactors untrusted code and workflow files, which could contain malicious instructions designed to influence the agent's behavior.
  - Ingestion points: The skill ingests files matching various extensions and shebangs defined in the `SKILL.md` description and the `trigger-matrix.md` (e.g., `.zsh`, `.py`, `.js`, `.go`, `.rs`, `.tf`).
  - Boundary markers: The skill does not implement delimiters or specific instructions to the agent to treat the code content as non-instructional data.
  - Capability inventory: The agent has the capability to run a wide range of system commands and language toolchains as defined in the quality gate matrix.
  - Sanitization: There are no explicit requirements or steps for the agent to sanitize or validate the content of the scripts before processing them for review or execution.
Audit Metadata