audit-code
Pass
Audited by Gen Agent Trust Hub on Feb 21, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [Command Execution] (SAFE): The
scripts/sync-to-agents.shscript uses standard filesystem commands (mkdir, rm, rsync, ln) to distribute the skill to local configuration directories. It operates within the user's home directory and does not demonstrate suspicious networking or privilege escalation. - [Indirect Prompt Injection] (SAFE): Surface detected due to code ingestion. 1. Ingestion points: Read code and product flows in SKILL.md. 2. Boundary markers: None explicitly defined. 3. Capability inventory: Analysis and reporting only; no execution of target code or network writes. 4. Sanitization: None. Severity dropped from LOW to SAFE as analysis is the primary intended use case.
- [Data Exposure] (SAFE): The skill does not access sensitive credential files or perform network requests that could lead to data exfiltration.
Audit Metadata