synthesis-skills-manager
Pass
Audited by Gen Agent Trust Hub on Apr 12, 2026
Risk Level: SAFE, EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [EXTERNAL_DOWNLOADS]: Fetches skill definitions and metadata from the vendor's GitHub repositories (such as github.com/rajivpant/synthesis-skills) to facilitate local installation and updates.
- [COMMAND_EXECUTION]: Performs file system operations within agent-specific directories, such as ~/.claude/skills/, to manage the lifecycle of methodology skills including installation and state tracking.
- [PROMPT_INJECTION]: Provides a management interface for ingesting external instructions from remote repositories, which serves as a potential surface for indirect prompt injection.
  - Ingestion points: Processes SKILL.md files retrieved from configured public, private, or shared Git repositories.
  - Boundary markers: Relies on YAML frontmatter structure but does not specify explicit delimiters for the instructional body during the synthesis process.
  - Capability inventory: Possesses the capability to write and modify the agent's active skill set in local configuration directories.
  - Sanitization: Employs a methodology-aware merge process and provenance tracking (via .source.json) to validate and reconcile changes before installation.
- [COMMAND_EXECUTION]: Implements a dynamic 'synthesis merge' logic that generates updated instruction sets by reconciling differences between local customizations and upstream source versions.
Audit Metadata