check
Pass
Audited by Gen Agent Trust Hub on Apr 8, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill identifies and executes automated agents and shell commands specified in the frontmatter of local rule files (
.hoyeon/rules/*.md). While commands are presented for manual execution, the automated agent execution represents a configuration-based execution path. - [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection from processing untrusted
git diffcontent through subagents. - Ingestion points: Data enters via
git diffoutput as described inSKILL.md. - Boundary markers: No delimiters or instructions to ignore embedded commands are specified for the subagent analysis phase.
- Capability inventory: The skill can spawn subagents, execute shell commands, and modify local files.
- Sanitization: There is no mention of sanitizing or validating the ingested diff content before analysis.
Audit Metadata