ceos-delegate

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run git pull to synchronize the local repository before performing audits or reviews.
  • [EXTERNAL_DOWNLOADS]: The skill performs network requests via the git command to fetch updates from the repository's origin.
  • [PROMPT_INJECTION]: The skill reads from various external markdown and YAML files, which creates a surface for indirect prompt injection.
      • Ingestion points: The agent reads from data/accountability.md, data/people/, and data/delegate/ to gather context on roles and previous audits.
      • Boundary markers: No explicit delimiters or instructions to ignore embedded commands are specified when reading external files.
      • Capability inventory: The skill uses Write tools to modify files in data/delegate/ and executes shell commands for repository management.
      • Sanitization: No sanitization or validation logic is defined for the content ingested from the filesystem.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 09:34 PM