recursive-review-bundle
Pass
Audited by Gen Agent Trust Hub on Apr 19, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to run shell commands using
pythonandpwshto execute scripts located at../../scripts/recursive-review-bundle.pyand../../scripts/recursive-review-bundle.ps1. - Evidence: The
SKILL.mdfile provides specific command-line examples for both Python and PowerShell, which include several user-defined parameters such as--run-id,--audit-question, and--artifact-path. - [PROMPT_INJECTION]: The skill has an attack surface for indirect prompt injection because it processes untrusted data from repository files.
- Ingestion points: The skill reads external files via the
--artifact-pathand--upstream-artifactarguments, specifically targeting files within the/.recursive/run/directory. - Boundary markers: Absent. There are no instructions or markers defined to help the agent distinguish between its instructions and the content of the files being bundled.
- Capability inventory: The skill has the capability to execute shell commands and write to the filesystem through the bundle generation process.
- Sanitization: No sanitization or validation of the content within the ingested artifacts is mentioned before they are processed by the scripts.
Audit Metadata