Skills
skills/skinnyandbald/ceos/ceos-checkup/Gen Agent Trust Hub

ceos-checkup

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a git pull command to synchronize data within the identified CEOS repository root.
  • [EXTERNAL_DOWNLOADS]: Synchronization involves fetching updates from the repository's configured remote origin during the sync process.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it ingests and summarizes data from multiple local files to provide context for the checkup.
  • Ingestion points: Reads content from data/vision.md, data/accountability.md, data/rocks/, data/scorecard/, data/people/, and data/issues/.
  • Boundary markers: No specific delimiters or instructions are provided to the agent to treat ingested file content as untrusted data or to ignore embedded instructions.
  • Capability inventory: The skill has permissions to write to the data/checkups/ directory and execute shell commands like git pull.
  • Sanitization: There is no logic specified to sanitize or validate the data read from context files before it is presented or used in the checkup logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 09:34 PM