GSD Executor

Pass

Audited by Gen Agent Trust Hub on Feb 24, 2026

Risk Level: SAFE
Findings: PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes untrusted content from PLAN.md and associated context files to drive agent actions, creating an indirect injection surface.
    • Ingestion points: Reads PLAN.md, .gsd/STATE.md, and any files specified in the plan context.
    • Boundary markers: While the skill parses specific sections, it has no explicit directive telling the agent to disregard instructions or commands embedded within the data content.
    • Capability inventory: The agent is authorized to modify source code (to fix bugs or add functionality), execute CLI commands, and perform git operations based on plan content.
    • Sanitization: No sanitization or validation of the content within ingested files is performed before processing.
  • [COMMAND_EXECUTION]: The skill uses specific shell and git commands for its core state management and versioning functionality.
    • Evidence: Explicitly uses PowerShell Get-Content to read state files and git (log, add, commit) for atomic task tracking.
Audit Metadata
Risk Level: SAFE
Analyzed: Feb 24, 2026, 07:22 AM