skills-2-0-upgrade
Pass
Audited by Gen Agent Trust Hub on Mar 26, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill facilitates the execution of several local scripts, including 'scripts/diagnose.sh', 'scripts/backup.sh', and 'scripts/batch-p1p2p3.py', to automate compliance checks and file modifications.
- [PROMPT_INJECTION]: The tool is designed to read and process the full content of existing skill files for structural analysis and splitting. This design introduces a surface for indirect prompt injection, as malicious instructions embedded within the analyzed skills could attempt to influence the agent's behavior during the transformation process.
Audit Metadata