writing-justfiles
Pass
Audited by Gen Agent Trust Hub on Mar 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues detected. The skill is entirely instructional, providing templates and best practices for the
justcommand runner. - [COMMAND_EXECUTION]: While the skill facilitates creating files that execute commands, it promotes secure practices such as quoting all interpolated arguments (
"{{arg}}") to prevent shell injection and word splitting. It also recommends using strict shell settings (set -euo pipefail) in script blocks. - [PROMPT_INJECTION]: No override markers, bypass instructions, or instruction extraction patterns were found in the skill content or metadata.
- [DATA_EXFILTRATION]: No access to sensitive file paths or network operations to external domains were identified.
- [REMOTE_CODE_EXECUTION]: No remote script downloads or piped execution patterns (e.g.,
curl | bash) are present in the documentation or examples.
Audit Metadata