Skills
skills/metta-ai/tribal-village/tv-tint-freeze/Gen Agent Trust Hub

tv-tint-freeze

Pass

Audited by Gen Agent Trust Hub on Feb 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (SAFE): The skill utilizes rg (ripgrep) and sed to perform read-only searches and extracts from local Nim source files within the src/ directory. These operations are restricted to specific file paths and do not involve network access or system modification.
  • [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection. Because it ingests external file content for summarization without sanitization or explicit boundary markers, instructions embedded in the source code or comments could potentially influence the agent's behavior during the summarization phase.
  • Ingestion points: Reads content from src/tint.nim, src/colors.nim, src/step.nim, src/renderer.nim, and src/environment.nim using rg and sed.
  • Boundary markers: None provided in the workflow to separate code content from instructions.
  • Capability inventory: Limited to local file reading and outputting text to the agent's context.
  • Sanitization: No filtering or escaping is applied to the file content before the agent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 18, 2026, 12:30 AM