Skills
skills/nicholasspisak/second-brain/second-brain-lint/Gen Agent Trust Hub

second-brain-lint

Pass

Audited by Gen Agent Trust Hub on Apr 6, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes grep via the Bash tool to extract internal wiki links from the filesystem. This operation is constrained to the wiki/ directory and aligns with the skill's stated purpose.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it processes untrusted data from wiki files to drive its logic and file modification capabilities. * Ingestion points: The agent reads markdown files from the wiki/ directory and its subdirectories. * Boundary markers: The instructions lack delimiters or warnings to prevent the agent from interpreting embedded text as instructions. * Capability inventory: The skill has access to Bash, Write, and Edit tools, allowing it to modify the filesystem based on interpreted content. * Sanitization: No content validation or sanitization is performed on the file data before the agent uses it to suggest or apply fixes.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 6, 2026, 07:24 PM