Skills
skills/okazuki58/agent-skills/gtr-workflow/Gen Agent Trust Hub

gtr-workflow

Fail

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: HIGHCOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The installation section instructs the user to execute a command with sudo to create a symbolic link in /usr/local/bin. This grants administrative privileges to the installation process and modifies system-level directories.
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to download and install external code from a third-party GitHub repository: https://github.com/coderabbitai/git-worktree-runner.git.
  • [COMMAND_EXECUTION]: The skill documentation describes a "hooks" feature (postCreate) within the .gtrconfig file that automatically executes shell commands, such as npm install or cp .env.example .env, when a new worktree is created.
  • [PROMPT_INJECTION]: The skill identifies a potential indirect injection surface by processing untrusted data from repository configuration files.
  • Ingestion points: Reads instructions and configurations from the .gtrconfig file located in the repository root.
  • Boundary markers: None identified; the skill assumes the configuration file is trusted.
  • Capability inventory: The tool can execute arbitrary shell commands via the run command and automated postCreate hooks.
  • Sanitization: There is no evidence of sanitization or validation of the commands specified in the configuration file before execution.
Recommendations
  • AI detected serious security threats
Audit Metadata
Risk Level
HIGH
Analyzed
Mar 18, 2026, 06:16 AM