Skills
skills/sawyerhood/sawyer-mart/library-docs/Gen Agent Trust Hub

library-docs

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • EXTERNAL_DOWNLOADS (LOW): The skill uses git clone to download arbitrary repositories from GitHub into the /tmp/cc-repos directory. While GitHub is a known platform, the content of individual repositories is unverified and untrusted.
  • PROMPT_INJECTION (LOW): The skill is susceptible to Indirect Prompt Injection (Category 8). A malicious repository could contain instructions in its README, documentation, or code comments intended to manipulate the 'Explore' subagent's output or actions.
  • Ingestion points: Cloned repository content in /tmp/cc-repos/{repo-name}.
  • Boundary markers: Absent. The instructions for the subagent do not include delimiters or warnings to ignore embedded instructions within the source code.
  • Capability inventory: The skill utilizes mkdir, ls, and git clone. The subagent is tasked with reading files and traversing the directory structure.
  • Sanitization: Absent. The skill does not perform any sanitization or filtering of the cloned content before the subagent processes it.
Audit Metadata
Risk Level
SAFE
Analyzed
Feb 17, 2026, 06:29 PM