Skills
skills/sd0xdev/sd0x-dev-flow/skill-health-check/Gen Agent Trust Hub

skill-health-check

Pass

Audited by Gen Agent Trust Hub on Mar 9, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [SAFE]: No malicious patterns, obfuscation, or data exfiltration attempts were found in the skill files or scripts.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to execute a local Node.js script (scripts/skill-lint.js) which performs the health check logic. This is a legitimate use of the tool for the skill's primary function.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes external skill and command files. Ingestion points: Files in the skills/ and commands/ directories are read by scripts/skill-lint.js. Boundary markers: The output is formatted as a Markdown report without additional isolation delimiters for external content. Capability inventory: The skill has access to Bash, Read, Grep, and Glob tools. Sanitization: No content sanitization is performed on the audited files before inclusion in the health report. This surface is expected for an audit tool and does not escalate the verdict.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 9, 2026, 06:41 AM