skill-developer

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE NO_CODE
Full Analysis
  • [NO_CODE] (SAFE): The provided files are exclusively markdown (.md) documentation and reference guides. No executable scripts (.sh, .ts, .js, .py) or active configuration files were included in the skill package.
  • [Indirect Prompt Injection] (SAFE): The documentation describes an architectural mechanism where system hooks (PreToolUse and UserPromptSubmit) inject context or instructions into the agent's prompt based on matched patterns. While this constitutes a surface for indirect prompt injection (Category 8), the described use case is for legitimate guardrails and suggestions, and no malicious patterns were found in the provided examples.
  • [Command Execution] (SAFE): The documentation provides examples of validating JSON with jq and testing hooks with npx tsx. These are standard developer tools and the examples do not include any malicious commands or unauthorized file access.
  • [Dynamic Execution] (SAFE): Although the documentation describes a system that dynamically executes local scripts via hooks, this is the intended functionality of the described framework, and no actual executable logic was provided for analysis.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Feb 17, 2026, 06:41 PM