learn

Pass

Audited by Gen Agent Trust Hub on Mar 28, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill makes extensive use of shell commands (including ghq, find, ln, mkdir, sed, and rm) to manage local repository structures, create symlinks, and automate cloning workflows.
  • [EXTERNAL_DOWNLOADS]: Fetches external repository content from GitHub using the ghq command. This is a core functionality of the skill for exploring remote codebases.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it processes untrusted source code from external repositories using parallel AI agents.
    • Ingestion points: External code is read from the origin/ symlink directory as defined in SKILL.md.
    • Boundary markers: Absent; the instructions to the agents do not include delimiters or specific warnings to ignore instructions embedded within the source code files.
    • Capability inventory: The skill possesses capabilities for filesystem management (mkdir, ln, rm, unlink) and repository cloning (ghq).
    • Sanitization: No sanitization or filtering is performed on the content of the external source code before it is passed to the AI agents for analysis.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 28, 2026, 09:55 AM