Command Development
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Full Analysis
- [SAFE] (SAFE): The skill consists entirely of Markdown documentation and reference materials.
- [COMMAND_EXECUTION] (SAFE): While the skill documents how to use the Bash execution feature (
!\command`), it does so for educational purposes and correctly emphasizes using restrictive tool filters (e.g.,Bash(git:*)`) as a security best practice. - [DATA_EXPOSURE] (SAFE): Examples include commands that read file content (
@path) or git status. These are standard platform features described in an educational context to help developers manage their own projects. - [INDIRECT_PROMPT_INJECTION] (LOW): The skill explains how to use dynamic arguments ($1, $ARGUMENTS) and file references. While these ingest untrusted data, the documentation provides guidance on using
disable-model-invocationfor sensitive or manual-only operations, which is a key mitigation for this attack vector.
Audit Metadata