wiki-onboarding

Pass

Audited by Gen Agent Trust Hub on Feb 27, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git remote get-url origin and git rev-parse --abbrev-ref HEAD to collect repository metadata. This information is used locally to construct documentation links.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection (Category 8) because its core functionality involves reading and summarizing untrusted repository content. Malicious instructions placed in source code or documentation could potentially influence the agent's behavior during analysis.
      • Ingestion points: Scans all repository files, build configs (e.g., package.json, Cargo.toml), and source code to extract architectural details.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded prompts in the analyzed codebase are provided.
      • Capability inventory: File writing (onboarding/ directory) and shell command execution (git).
      • Sanitization: No sanitization of codebase content is mentioned before it is processed by the AI.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 27, 2026, 06:12 PM