agent-manager-skill

Fail

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: HIGH (EXTERNAL_DOWNLOADS, COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill requires cloning a repository from an untrusted GitHub organization (fractalmind-ai) as a prerequisite for use.
  • [COMMAND_EXECUTION]: The instructions guide the user to run local Python scripts (agent-manager/scripts/main.py) that were obtained from the external download, creating a pathway for executing unverified code.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it is designed to monitor and display output from external agents, which could contain malicious instructions.
      • Ingestion points: The monitor command in SKILL.md is intended to tail logs from untrusted agent processes.
      • Boundary markers: No delimiters are provided, and the agent is given no instruction to ignore log content or to treat it as data rather than instructions.
      • Capability inventory: The skill possesses the capability to execute shell commands and Python scripts as described in SKILL.md.
      • Sanitization: No evidence of sanitization or filtering of the monitored output is present in the skill description.
Recommendations
  • AI detected serious security threats
Audit Metadata
  • Risk Level: HIGH
  • Analyzed: Apr 14, 2026, 09:20 AM