skills/sadiksaifi/skills/snap-scope/Gen Agent Trust Hub

snap-scope

Pass

Audited by Gen Agent Trust Hub on Mar 29, 2026

Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is vulnerable to indirect prompt injection because it incorporates untrusted data from GitHub and the codebase into its reasoning process.
  • Ingestion points: Fetches external content using gh issue view and performs codebase exploration as specified in SKILL.md.
  • Boundary markers: There are no explicit instructions to treat fetched data as untrusted or to use delimiters to prevent instruction leakage.
  • Capability inventory: The skill is restricted to a 'thinking space' only; it is explicitly forbidden from making code changes or producing documents (SKILL.md), which limits the impact of potential injections.
  • Sanitization: No sanitization, validation, or filtering of the retrieved content is performed.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 29, 2026, 07:55 AM