configure-status
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes local shell commands such as `find`, `grep`, and `sed` to identify configuration files and extract versioning information. These commands are static, do not require elevated privileges, and are used solely for information gathering within the project directory.
- [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection as it reads content from untrusted local files (e.g., `.project-standards.yaml`, workflow files) to generate its report. However, the risk is mitigated by the read-only nature of the skill and its reliance on specific grep patterns for data extraction.
  - Ingestion points: Reads various project-level configuration files including YAML and JSON files from the repository root and `.github/workflows/` directory.
  - Boundary markers: No explicit delimiters are used to separate file content from agent instructions in the reporting phase.
  - Capability inventory: Limited to filesystem discovery and string extraction using `find`, `grep`, and `sed` via the `Glob` and `Grep` tools; no remote code execution or data exfiltration capabilities are present.
  - Sanitization: Data extraction is constrained by fixed regex patterns in grep commands (e.g., matching version or date fields), reducing the likelihood of executing embedded instructions.
Audit Metadata