portfolio-artifact

Pass

Audited by Gen Agent Trust Hub on Mar 22, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell commands including git, gh (GitHub CLI), jq, wc, and grep to extract metrics and generate reports. These operations are performed on the local repository and agent-specific data directories.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data from external sources (Git commit messages and GitHub PR data).
  • Ingestion points: Metric extraction scripts in SKILL.md and reference/metrics-guide.md ingest text from git log and gh pr list.
  • Boundary markers: Absent; data is directly interpolated into Markdown report templates.
  • Capability inventory: The skill can execute shell commands via Git/GitHub CLI and write files to the ~/.claude/portfolio/ directory.
  • Sanitization: While numerical metrics are sanitized through utilities like wc and jq, qualitative summaries and headlines are generated based on raw text from the repository history.
  • [DATA_EXFILTRATION]: The skill accesses local configuration files such as ~/.claude/daily-cost.json to calculate spend metrics. No network operations were detected that would exfiltrate this data to external third-party domains.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 22, 2026, 06:50 PM