starduster
Pass
Audited by Gen Agent Trust Hub on Feb 18, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION] (LOW): The document lists shell commands for environment setup (
brew install gh,brew install jq) and a recovery procedure for cleaning up temporary files (rm -rf ${TMPDIR:-/tmp}/starduster-*). While these are standard administrative tasks, they involve direct shell execution logic. - [SAFE] (SAFE): The error handling matrix explicitly includes security checks, such as detecting and failing on path traversal attempts in generated filenames, which is a positive security practice.
- [PROMPT_INJECTION] (LOW): Category 8 analysis: The skill processes external data from GitHub repositories (metadata and content).
- Ingestion points: GitHub repository data processed via
gh apiand GraphQL. - Boundary markers: None explicitly defined in this reference file.
- Capability inventory: File writing, shell command execution for cleanup.
- Sanitization: Includes filename sanitization and path traversal detection. The ingestion of untrusted repository data constitutes a surface for indirect prompt injection, though the document shows awareness of handling malformed outputs.
Audit Metadata