sync-provider

Warn

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: MEDIUM
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill requires the execution of local scripts (scripts/check-provider-commit.sh, scripts/git-diff.ts) and shell commands using gh, pnpm, and cat to manage the repository synchronization process.
  • [EXTERNAL_DOWNLOADS]: The workflow involves fetching and applying code updates from non-whitelisted external repositories (under the ben-vargas account), which presents a risk of ingesting malicious code during the sync.
  • [DATA_EXFILTRATION]: Instructions direct the agent to read the root .env file to retrieve a GITHUB_TOKEN and require the use of absolute local filesystem paths, which exposes the host environment configuration to the model context.
  • [PROMPT_INJECTION]: The skill employs aggressive, overriding constraints such as 'THE TASK WILL BE INVALIDATED' and 'NO EXCEPTIONS' to bypass standard agent decision-making and force adherence to a specific multi-step execution path.
Audit Metadata
  • Risk Level: MEDIUM
  • Analyzed: Mar 18, 2026, 01:53 AM