permission-auditor
Pass
Audited by Gen Agent Trust Hub on Mar 11, 2026
Risk Level: SAFENO_CODEPROMPT_INJECTION
Full Analysis
- [SAFE]: The skill is a security auditor and educator designed to help users understand and minimize permission risks.
- [SAFE]: The skill only requests fileRead permissions, which are necessary for its stated function of analyzing other skill configuration files provided by the user.
- [NO_CODE]: The skill consists entirely of markdown instructions for the AI agent and does not include any executable scripts, binaries, or external dependencies.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface as it processes external skill descriptions. 1. Ingestion points: User-provided skill configuration and description text. 2. Boundary markers: None specified in the instructions. 3. Capability inventory: Limited to fileRead only; no network, shell, or file-write permissions are requested. 4. Sanitization: None explicitly implemented.
- [SAFE]: Sensitive file paths mentioned in the documentation (e.g., .ssh/id_rsa, .env) are used strictly as illustrative examples of security risks and are not accessed by the skill's operational logic.
Audit Metadata