ruby-flog-flay-setup

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE COMMAND_EXECUTION PROMPT_INJECTION
Full Analysis
  • Persistence Mechanisms (LOW): The skill installs a pre-commit hook in the .git/hooks directory. This hook executes 'bundle exec rake' automatically on every commit, representing a persistent automated execution mechanism.
  • Dynamic Execution (LOW): The skill generates Rake tasks and bash scripts at runtime and executes them to verify the setup. This involves writing executable code to the filesystem and triggering it.
  • Indirect Prompt Injection (LOW): The skill processes project files which could serve as ingestion points for untrusted instructions.
    • Ingestion points: Gemfile, Rakefile, and git configuration.
    • Boundary markers: None present in the generated tasks or instructions.
    • Capability inventory: Shell execution via Ruby backticks and file-write operations for hooks.
    • Sanitization: No explicit sanitization or validation of the ingested file content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:25 PM