shipany

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS] (LOW): The skill references external code repositories from the 'shipanyai' GitHub organization, which is not on the pre-approved trusted list.
      • Evidence: Files references/authentication.md and references/deployment.md contain commands such as git clone and git remote add targeting shipanyai/shipany-template-one.git.
      • Reasoning: Per the analysis framework, references to non-trusted sources for code are initially classified as MEDIUM. However, as this reference is essential to the primary purpose of the skill (Shipany documentation), the severity is downgraded to LOW.
  • [PROMPT_INJECTION] (LOW): The skill presents a surface area for indirect prompt injection because it processes external documentation that could potentially contain malicious instructions.
      • Ingestion points: Files in the references/ directory including api.md, authentication.md, and configuration.md.
      • Boundary markers: Absent. There are no delimiters or 'ignore embedded instructions' warnings around the documentation content.
      • Capability inventory: The documentation facilitates command-line operations (Git), database schema modification (SQL), and local file system actions (cp .env.example .env.production).
      • Sanitization: Absent. The documentation is provided as a raw extract from a web scraper without validation or filtering.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:04 PM