search-user-skill
Pass
Audited by Gen Agent Trust Hub on Mar 6, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: The skill's primary function is to scan the local filesystem at a specific user path to catalog other skills. It parses Markdown and YAML metadata for display purposes only.- [DATA_EXPOSURE]: While the skill accesses the user profile directory, it does so within the context of a specific, expected folder for AI skills. There are no network operations or indicators of data being sent to external servers.- [INDIRECT_PROMPT_INJECTION]: The skill reads content from local skill definition files. There is a minor surface for indirect prompt injection if a malicious skill description is present, but the current skill lacks the capabilities such as network access or command execution to be exploited effectively.
Audit Metadata