skill-improver
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill executes the `ghq root` command to determine the base directory for git repositories on the local system, which is used to resolve paths for skill source code.
- [PROMPT_INJECTION]: The skill processes unvalidated user feedback to directly modify the instructions (SKILL.md) of other skills, creating an indirect prompt injection surface.
  - Ingestion points: User feedback provided in the conversation context (e.g., "Improve this skill").
  - Boundary markers: Absent; the skill is instructed to interpret feedback and apply changes without specific delimiters or warnings to ignore embedded instructions.
  - Capability inventory: Execution of the `ghq` command and file-system write access to skill definitions in `~/.claude/skills/` and local repository paths.
  - Sanitization: Absent; the skill relies on the agent's natural language interpretation to incorporate user feedback into the skill's core logic.
Audit Metadata