Skills
skills/peonping/peon-ping/peon-ping-log/Gen Agent Trust Hub

peon-ping-log

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a local bash script located at ~/.claude/hooks/peon-ping/peon.sh to log trainer data and check status. This script is part of the vendor's own toolset and is required for the skill's primary functionality.
  • [PROMPT_INJECTION]: The skill processes user-provided inputs for rep counts and exercise types directly into shell commands. While this creates a surface for indirect injection, the instructions limit inputs to specific types (pushups/squats), and the execution targets a vendor-controlled script.
  • Ingestion points: <count> and <exercise> parameters in SKILL.md.
  • Boundary markers: None present in the command string.
  • Capability inventory: Execution of bash scripts via the shell.
  • Sanitization: No explicit sanitization or validation is defined within the skill file itself.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 24, 2026, 07:04 AM