Skills
NYC
skills/s-hiraoku/synapse-a2a/sync-plugin-skills/Gen Agent Trust Hub

sync-plugin-skills

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Full Analysis
  • [Indirect Prompt Injection] (LOW): The skill reads implementation code and documentation files to update skill definitions. If an attacker can modify the repository source code or documentation, they could embed instructions that the agent might follow during the synchronization process.
  • Ingestion points: synapse/ source files, README.md, and guides/ folder content.
  • Boundary markers: Absent; the skill does not explicitly instruct the agent to ignore instructions found within the files it parses.
  • Capability inventory: Reading project files and writing to SKILL.md and references/*.md files.
  • Sanitization: None; the skill directly uses content from the implementation to update documentation.
  • [Data Exposure] (SAFE): File access is strictly scoped to the local repository directories (synapse/, plugins/, guides/). No access to sensitive system paths (~/.ssh, .env) or hardcoded credentials was found.
  • [Command Execution] (SAFE): While the skill contains documentation for CLI commands (e.g., synapse send), it does not automatically execute these commands on the host system.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:14 PM