Skills
skills/sadiksaifi/skills/snap-forge/Gen Agent Trust Hub

snap-forge

Pass

Audited by Gen Agent Trust Hub on Apr 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to perform shell commands to manage the local development environment and verify code quality.
  • It executes Git commands such as git checkout -b and git worktree add for branching and worktree creation.
  • It identifies and runs project-specific testing, linting, and formatting tools (e.g., npm test, pytest) identified from local configuration files during the orientation phase.
  • [PROMPT_INJECTION]: The skill possesses an attack surface for indirect prompt injection through its integration with external issue tracking data.
  • Ingestion points: Section 1 ('Orient') of SKILL.md instructs the agent to fetch external data using gh issue view <number> --comments to determine the behavior sequence.
  • Boundary markers: The skill does not employ delimiters or specific instructions to the agent to treat the retrieved GitHub content as untrusted data rather than executable instructions.
  • Capability inventory: The agent has permission to modify the file system, create Git commits, and execute arbitrary shell commands for testing purposes across all scripts.
  • Sanitization: There is no specified mechanism to filter, validate, or sanitize the content retrieved from GitHub before it is incorporated into the agent's context.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 2, 2026, 12:36 AM