Skills
skills/markus1189/nixos-config/sourcegraph-search/Gen Agent Trust Hub

sourcegraph-search

Fail

Audited by Gen Agent Trust Hub on Feb 16, 2026

Risk Level: HIGHPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • Indirect Prompt Injection (HIGH): The skill's core functionality involves fetching untrusted content from external repositories into the agent's context.
  • Ingestion points: Untrusted source code, comments, and commit messages are ingested via the src search command as described in SKILL.md.
  • Boundary markers: There are no boundary markers or instructions to the agent to distinguish between data and potential commands within the fetched content.
  • Capability inventory: The SKILL.md file explicitly mentions integrating results with tools like Bash, Read, and WebFetch, which provides a direct path for injected instructions to trigger file modifications or command execution.
  • Sanitization: No sanitization or validation of the fetched external content is performed or recommended.
  • Command Execution (LOW): The skill facilitates the execution of the src CLI tool. While this is the intended functionality, it introduces the standard risks associated with subprocess execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Feb 16, 2026, 08:21 AM