agents-md-mastery

Pass

Audited by Gen Agent Trust Hub on Mar 20, 2026

Risk Level: SAFE

PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection: it instructs the agent to use a tool (warcraft_agents_md) to sync codebase patterns into the AGENTS.md file, which is loaded as pseudo-memory at the start of every session.
    • Ingestion points: The warcraft_agents_md tool's sync action processes feature code and completion data to propose memory updates.
    • Boundary markers: The skill includes a manual verification step (The Sync Workflow) requiring the agent to review proposals and ask if they change behavior before applying.
    • Capability inventory: The skill uses the warcraft_agents_md tool to write updates to the AGENTS.md file, which has a persistent, session-wide influence on agent behavior.
    • Sanitization: The skill relies on the agent's logic to 'Accept signal, reject noise' and a recommended human/agent review of proposals to filter out malicious or misleading instructions.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 20, 2026, 11:46 PM