skills/shunsukehayashi/miyabi/ccg/Gen Agent Trust Hub

ccg

Pass

Audited by Gen Agent Trust Hub on Feb 17, 2026

Risk Level: SAFE
Categories: COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION] (LOW): The skill uses the Bash tool to execute npm run commands within a hardcoded local directory (/Users/shunsukehayashi/dev/...). This allows for arbitrary command execution as defined in the local project's configuration.
  • [EXTERNAL_DOWNLOADS] (LOW): The skill utilizes WebFetch and WebSearch to retrieve content from the internet, which involves downloading untrusted external data.
  • [PROMPT_INJECTION] (LOW): (Category 8) The skill's core function involves processing untrusted data from URLs, Images, and PDFs to generate course curriculum. This creates a surface for indirect prompt injection. Evidence Chain:
    1. Ingestion points: External data enters via WebFetch and Read (for PDFs/Images).
    2. Boundary markers: No delimiters or 'ignore' instructions are specified in the provided metadata.
    3. Capability inventory: The skill has access to Bash (commands), Write (filesystem), and Edit (modification) across its operations.
    4. Sanitization: No validation or sanitization of the external content is documented.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 17, 2026, 06:43 PM