GSD Verifier
Fail
Audited by Gen Agent Trust Hub on Feb 24, 2026
Risk Level: CRITICAL
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes PowerShell commands (Select-String, Get-ChildItem, Test-Path, Get-Content) to perform read-only analysis of the local filesystem. These commands are used to identify implementation patterns and 'stubs' within the project directory.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by ingesting external data.
  1. Ingestion points: Reads .gsd/REQUIREMENTS.md, .gsd/ROADMAP.md, and source files in src/.
  2. Boundary markers: No explicit delimiters or 'ignore' instructions are used when parsing these files.
  3. Capability inventory: Limited to file reading and generating a VERIFICATION.md report; no network or arbitrary code execution capabilities identified.
  4. Sanitization: No sanitization of ingested content is performed before processing.
  Despite this surface, the risk is minimal as the ingested data is used for verification logic rather than executable instructions.
- [EXTERNAL_DOWNLOADS]: Although automated scans flagged a malicious URL in REQUIREMENTS.md, the skill's instructions involve reading the file text for pattern matching and do not include logic to resolve, visit, or download content from external URLs.
Recommendations
- Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata