Skills
skills/skinnyandbald/ceos/ceos-people/Gen Agent Trust Hub

ceos-people

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to perform a git synchronization operation by executing git -C <ceos_root> pull --ff-only --quiet 2>/dev/null. The target directory is dynamically determined by locating a .ceos marker file in the directory hierarchy.
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection as it ingests and processes content from external markdown files.
  • Ingestion points: Evaluates data from data/people/, data/vision.md, and data/accountability.md.
  • Boundary markers: There are no defined delimiters or specific instructions to the agent to ignore embedded commands within the processed files.
  • Capability inventory: The skill utilizes Read, Write, and Glob tools and has the capability to execute shell commands via git.
  • Sanitization: The skill lacks explicit sanitization or validation mechanisms for content read from files before it is used to influence the agent's evaluation logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 3, 2026, 09:34 PM