Skills
skills/minhtri2710/skills/beo-onboard/Gen Agent Trust Hub

beo-onboard

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The onboard_beo.mjs script dynamically generates a JavaScript file (.beads/beo_status.mjs) and provides instructions for the agent to execute it. This involves writing and running executable code generated at runtime from local templates and metadata.\n- [PROMPT_INJECTION]: The skill identifies an Indirect Prompt Injection surface by reading and acting on content from files like AGENTS.md, STATE.json, and HANDOFF.json which may be externally influenced.\n
  • Ingestion points: Data is extracted from AGENTS.md, .beads/STATE.json, and .beads/HANDOFF.json.\n
  • Boundary markers: The skill uses HTML comment sentinels (<!-- BEO:MANAGED START -->) to delineate its managed block in AGENTS.md.\n
  • Capability inventory: The skill possesses file writing (writeFile) and directory creation (mkdir) capabilities within the scope of the repository.\n
  • Sanitization: Validation is limited to verifying sentinel counts and basic JSON structure, with no comprehensive schema enforcement for all ingested data fields.
Audit Metadata
Risk Level
SAFE
Analyzed
May 6, 2026, 04:08 AM