acquiring-skills
Pass
Audited by Gen Agent Trust Hub on May 9, 2026
Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: The skill provides instructions for downloading content from external repositories via git clone. Specifically, it points to repositories hosted on GitHub for skill discovery.
- [COMMAND_EXECUTION]: Includes shell commands (git clone, cp, rsync, rm) to facilitate the downloading, moving, and cleaning up of skill files within the agent's filesystem.
- [PROMPT_INJECTION]: The skill's purpose is to download and integrate external instructions, creating a surface for indirect prompt injection.
- Ingestion points: External GitHub repositories specified in the documentation.
- Boundary markers: Instructions explicitly direct the agent to ask the user before downloading from untrusted sources and to inspect scripts before execution.
- Capability inventory: Uses git clone for network downloads and filesystem commands (cp, rsync) for installation.
- Sanitization: Relies on manual inspection and user approval rather than automated sanitization filters.
Audit Metadata