ghost
Pass
Audited by Gen Agent Trust Hub on Mar 14, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security concerns identified. The skill adheres to best practices and includes safety-oriented instructions such as trace-level invariants and injection resistance checks.
- [COMMAND_EXECUTION]: The skill instructs the agent to execute a provided local Python script (verify_evidence.py) and to create and run temporary test adapters. These capabilities are necessary for the skill's primary function of ensuring technical fidelity between source code and generated ghost packages.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes untrusted code and documentation from source repositories.
  - Ingestion points: Source code, test suites, and README files from an arbitrary repository.
  - Boundary markers: The skill enforces strict structured output in YAML and Markdown templates.
  - Capability inventory: Filesystem write access and command execution for verification scripts.
  - Sanitization: Instructions explicitly mandate paraphrasing source documentation instead of verbatim copying, which mitigates the risk of the agent inadvertently executing instructions hidden in the source text.
Audit Metadata