skill-vetter

Pass

Audited by Gen Agent Trust Hub on Mar 5, 2026

Risk Level: SAFE
Categories: EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill fetches repository metadata and file content from GitHub's official API and raw content domains (raw.githubusercontent.com). These are recognized as well-known technology services and are used here for the purpose of auditing third-party code.
  • [COMMAND_EXECUTION]: Uses system utilities curl and jq to fetch and parse API data. It also employs find and cat to inspect the contents of skill files during the review process. These commands are consistent with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill's core functionality is to ingest and analyze untrusted third-party code, which presents a surface for indirect prompt injection. A malicious skill being analyzed could contain embedded instructions designed to influence the agent's security verdict.
      • Ingestion points: Remote file fetching via curl and package installation via the clawhub CLI.
      • Boundary markers: No explicit delimiters are defined in the instructions to isolate the content being analyzed.
      • Capability inventory: curl, jq, find, cat, and clawhub.
      • Sanitization: No sanitization or escaping of external content is specified before the agent processes the code for review.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 5, 2026, 03:03 AM