conductor-revert

Warn

Audited by Gen Agent Trust Hub on Apr 14, 2026

Risk Level: MEDIUM (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to construct and execute shell commands, such as git log --grep="{trackId}", using unvalidated variables parsed from user arguments. This creates a risk of command injection if a malicious user provides a trackId containing shell metacharacters (e.g., ;, &&, |) to execute unintended commands on the host machine.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes data from external files (plan.md, tracks.md) and command outputs (git commit history) to drive its internal logic and status updates.
      • Ingestion points: conductor/tracks.md, plan.md, and output from git log.
      • Boundary markers: The skill lacks explicit instructions to treat the content of these files as untrusted data or to ignore embedded instructions.
      • Capability inventory: The skill possesses the ability to execute subprocesses (git) and write to the local filesystem.
      • Sanitization: No sanitization or structural validation is required for the data read from these external sources before it influences the agent's execution plan.
Audit Metadata
Risk Level: MEDIUM
Analyzed: Apr 14, 2026, 02:55 AM