Skills
skills/nyldn/claude-octopus/skill-status/Gen Agent Trust Hub

skill-status

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands to read project state and history.
  • Evidence: Runs ./scripts/octo-state.sh read_state to fetch current phase and status information.
  • Evidence: Uses git log, git tag, and git branch to generate a summary of recent development work.
  • Evidence: Utilizes standard utilities like cat, ls, and head to read configuration files and directory listings within the project and user home directory.
  • [PROMPT_INJECTION]: The skill processes potentially untrusted data from git logs and project metadata files which creates an indirect injection surface.
  • Ingestion points: Reads data from ROADMAP.md, STATE.md, git commit history, and ~/.claude-octopus/results/.
  • Boundary markers: The skill does not define explicit delimiters when interpolating this data into the final dashboard response to distinguish data from instructions.
  • Capability inventory: The skill has the ability to execute shell commands and read local files.
  • Sanitization: No explicit escaping or filtering is applied to the retrieved data before it is presented to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 9, 2026, 06:35 AM