skill-vetter
Pass
Audited by Gen Agent Trust Hub on Mar 16, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides PowerShell snippets using Invoke-RestMethod for the agent to use when querying the GitHub API. This command execution is a functional requirement for retrieving metadata and file contents for security auditing.
- [EXTERNAL_DOWNLOADS]: The skill instructs the agent to fetch repository data from api.github.com and raw.githubusercontent.com. Since GitHub is a well-known technology service, these references are documented as standard functionality for the intended auditing purpose.
- [PROMPT_INJECTION]: The skill contains an indirect prompt injection surface (Category 8) because its primary function is to ingest and analyze untrusted code from external skills. Evidence: 1. Ingestion points: Instructions to read all files (SKILL.md) from external sources. 2. Boundary markers: Employs a structured report template but lacks explicit 'ignore embedded instructions' delimiters during the code-reading phase. 3. Capability inventory: PowerShell for network requests and standard file reading capabilities. 4. Sanitization: No sanitization or filtering of external code content is defined before processing.
Audit Metadata