ceos-rocks
Pass
Audited by Gen Agent Trust Hub on Mar 3, 2026
Risk Level: SAFE
Full Analysis
- [COMMAND_EXECUTION]: The skill executes a 'git pull' command to synchronize data from the remote repository. This is a standard operation for collaborative data management and is limited to fetching updates.
- [EXTERNAL_DOWNLOADS]: Data synchronization occurs via 'git', which typically connects to the user's configured repository hosting service (e.g., GitHub).
- [PROMPT_INJECTION]: The skill processes markdown and YAML files, creating an indirect prompt injection surface. This is a low-risk surface common to tools processing external content. Evidence: 1. Ingestion points: 'data/rocks/', 'data/vision.md', 'data/accountability.md'; 2. Boundary markers: YAML frontmatter; 3. Capability inventory: 'Read', 'Write', 'Glob', 'git pull'; 4. Sanitization: None.
Audit Metadata