guardian

Pass

Audited by Gen Agent Trust Hub on Mar 1, 2026

Risk Level: SAFE
Findings: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The orchestrator script scripts/guardian.py uses subprocess.run to execute local Python utility scripts, including monitor_session.py, context_filter.py, and validator.py. This is an internal command execution flow used to coordinate the skill's different logic components.
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it ingests and processes user-controlled files for code review and task planning.
  • Ingestion points: scripts/context_filter.py reads the contents of project files specified by the user for analysis by subagents.
  • Boundary markers: Prompt templates in the Templates/ directory include explicit 'CRITICAL CONSTRAINTS' and 'READ-ONLY' instructions intended to prevent subagents from executing actions or using tools.
  • Capability inventory: The skill uses the Read, Glob, Grep, and Task tools. It uses the Task tool to spawn sub-models for analysis tasks.
  • Sanitization: The implementation relies on prompt-based constraints and the intended read-only nature of the subagents rather than performing input sanitization of the files being reviewed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 1, 2026, 05:29 PM