skills/udecode/plate/dig/Gen Agent Trust Hub

dig

Pass

Audited by Gen Agent Trust Hub on Mar 3, 2026

Risk Level: SAFE (EXTERNAL_DOWNLOADS, PROMPT_INJECTION, COMMAND_EXECUTION)
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches library source code from GitHub repositories to provide documentation and usage insights.
  • [COMMAND_EXECUTION]: Uses shell commands including mkdir, ls, and git clone to manage repository files in the /tmp/cc-repos/ directory.
  • [PROMPT_INJECTION]: The skill exhibits vulnerability to indirect prompt injection by processing untrusted external content.
    • Ingestion points: Clones arbitrary repository data from GitHub into the local filesystem (SKILL.md).
    • Boundary markers: The prompt for the research subagent does not include delimiters or instructions to ignore instructions embedded in the source code or documentation.
    • Capability inventory: Includes shell command execution (git clone, ls) and deep file exploration via a subagent with read access to all cloned files.
    • Sanitization: No sanitization or verification of the repository content is performed before the data is analyzed by the subagent.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 3, 2026, 11:52 AM