Skills
skills/rube-de/cc-skills/dlc/Gen Agent Trust Hub

dlc

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFEPROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill possesses a surface for indirect prompt injection because it is designed to ingest and process untrusted external data, such as pull request comments and source code, which could contain malicious instructions for the agent.\n
  • Ingestion points: Fetches pull request comments and reads repository files for scanning through sub-skills (SKILL.md).\n
  • Boundary markers: The instructions do not define explicit delimiters or warnings to ignore instructions embedded in the analyzed content.\n
  • Capability inventory: The skill has access to tools including Bash, the ability to invoke other Skills, and the GitHub CLI (gh) for creating issues and modifying repository state.\n
  • Sanitization: There is no mention of sanitization, escaping, or validation of the ingested external content before it is processed by the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 20, 2026, 05:28 AM