gsd-update
Pass
Audited by Gen Agent Trust Hub on Mar 12, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes the Bash tool to perform system-level operations including version detection, execution of update commands, and clearing of local caches.
- [EXTERNAL_DOWNLOADS]: The skill connects to the npm registry, a well-known service, to retrieve the latest version information and associated changelogs for the GSD tool.
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection through the ingestion of external data.
- Ingestion points: External changelog content fetched from the npm registry or remote repositories during the update check.
- Boundary markers: No explicit delimiters or warnings to ignore embedded instructions are defined for the fetched changelog content.
- Capability inventory: The skill has access to the Bash tool, which can execute system commands.
- Sanitization: The skill does not describe any sanitization or validation logic for the external changelog text before it is processed or displayed.
Audit Metadata