skills-discovery

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE] (SAFE): The skill is instructional and documentation-based, focusing on identifying security risks in third-party tools. It does not perform dangerous operations or request excessive permissions.
  • [Indirect Prompt Injection] (LOW): The skill facilitates data ingestion from external sources like GitHub and web searches. Evidence Chain: (1) Ingestion Points: WebFetch, WebSearch, and Bash(gh:) calls defined in SKILL.md and references/discovery-patterns.md. (2) Boundary Markers: The skill explicitly instructs the agent to treat community content as untrusted code and perform manual audits. (3) Capability Inventory: Read, WebFetch, WebSearch, and Bash(gh:) restricted to the GitHub CLI. (4) Sanitization: Comprehensive manual audit checklists and sandboxing guidelines are provided in references/security-checklist.md to evaluate retrieved data.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:43 PM