skills-dev
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- Dynamic Execution (LOW): Templates for developer workflows use 'bun shell' for task automation. Potential for command injection is mitigated by using a restricted switch-case selection for executable commands.
- Privilege Escalation (LOW): The skill's initialization script uses 'chmod' to make generated scripts executable. This is Downgraded to LOW as it is a core functional requirement of the tool and is limited to its own generated files.
- Indirect Prompt Injection (LOW): The tool processes external input for skill names and paths. [1] Ingestion points: 'process.argv' in 'scripts/init-skill.ts'. [2] Boundary markers: None. [3] Capability inventory: File system writing and shell command execution. [4] Sanitization: Strict regex for skill names and checks to prevent path traversal during file operations.
Audit Metadata