skills-audit
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFE
Findings: EXTERNAL_DOWNLOADS, NO_CODE
Full Analysis
- [NO_CODE] (SAFE): The core logic file `scripts/scan.py` mentioned in the documentation is missing from the provided package. Analysis is limited to the markdown documentation and reference tables.
- [EXTERNAL_DOWNLOADS] (LOW): The skill documentation describes a `--url` parameter that allows the scanner to fetch remote content from the internet. This creates a surface for outbound network requests to arbitrary, untrusted endpoints.
- [PROMPT_INJECTION] (LOW): The skill is susceptible to indirect prompt injection (Category 8) because its primary function is to ingest and process untrusted external data.
  1. Ingestion points: `scripts/scan.py` accepts input via the `--file`, `--url`, and `--content` arguments.
  2. Boundary markers: No delimiters or "ignore embedded instructions" warnings are documented for the processed content.
  3. Capability inventory: The skill has the ability to execute Python code via the `Bash` tool and perform network fetches.
  4. Sanitization: No sanitization or validation logic is documented for the input data before processing.
Audit Metadata