finding-skills

Pass

Audited by Gen Agent Trust Hub on May 3, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill provides a Python script at scripts/skills.py that facilitates listing and reading files within the /mnt/skills/user/ directory. The instructions in SKILL.md direct the agent to execute this script via the command line to discover other capabilities.
  • [PROMPT_INJECTION]: The skill exposes an indirect prompt injection surface because it reads and outputs the content of other SKILL.md files, which are untrusted data. If a skill in the local catalog contains malicious instructions, the agent would ingest them when viewing that skill's details.
  • Ingestion points: The cmd_show and _parse_meta functions in scripts/skills.py read content from any file named SKILL.md within the target directory.
  • Boundary markers: The skill does not use delimiters or warnings to separate the ingested skill content from the agent's instructions.
  • Capability inventory: The agent using this skill typically has broad access to shell commands and file systems.
  • Sanitization: No content filtering or instruction scrubbing is performed on the ingested text.
Audit Metadata
Risk Level: SAFE
Analyzed: May 3, 2026, 01:16 PM