skill-registry

Pass

Audited by Gen Agent Trust Hub on Feb 25, 2026

Risk Level: SAFE | COMMAND_EXECUTION | PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes jq and mv commands to manage a local JSON registry. These actions are standard for the intended task and are confined to the local project directory.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection because it processes user-supplied data and local JSON content.
    • Ingestion points: Data enters the system via the assets/registry.json file and user-provided strings for names, descriptions, and search terms.
    • Boundary markers: There are no explicit delimiters or instructions to the model to ignore embedded commands within the processed data.
    • Capability inventory: The skill utilizes jq for JSON manipulation and shell redirection for updating local files.
    • Sanitization: No validation or escaping logic is provided for inputs before they are interpolated into the shell-based jq commands.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 25, 2026, 02:49 PM