meta-skill-manager
Pass
Audited by Gen Agent Trust Hub on Feb 27, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [SAFE]: No direct security threats such as malicious command execution, data exfiltration, or obfuscation were found within the skill files.
- [PROMPT_INJECTION]: Indirect Prompt Injection Surface: The skill is designed to read, analyze, and integrate existing SKILL.md files. This processes untrusted data which could contain malicious instructions designed to hijack the management process. • Ingestion points: Steps 1.2 (Modify existing skill) and 2.1 (Analyze skills for integration) involve reading external markdown files. • Boundary markers: No specific delimiters or isolation instructions are provided for handling untrusted content. • Capability inventory: Primarily involves text generation and file modification; no scripts or system-level tools are present in this skill package. • Sanitization: The instructions do not include steps to sanitize, escape, or validate the content of the skills being processed.
Audit Metadata