skill-standardization
Pass
Audited by Gen Agent Trust Hub on Feb 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [Command Execution] (LOW): The skill invokes local Python scripts (
convert_skills.py,remove_duplicates.py,final_cleanup.py) to perform automated file modifications. These operations are consistent with the skill's stated purpose of project maintenance. - [Prompt Injection] (LOW): Identifies an Indirect Prompt Injection surface (Category 8) as the skill is designed to ingest and process untrusted markdown files.
- Ingestion points: Processes existing and new
SKILL.mdfiles within the.agent-skillsdirectory. - Boundary markers: No explicit delimiters or instructions are provided to the agent to treat the contents of the processed files as untrusted data.
- Capability inventory: The skill utilizes
python3execution, along withRead,Write, andEdittools to modify the file system. - Sanitization: While the skill describes regex-based heading conversion, it does not explicitly define sanitization protocols for the data being processed.
Audit Metadata