skill-exporter
Pass
Audited by Gen Agent Trust Hub on Mar 10, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill retrieves local installation data by executing
npx skills ls -gand reading~/.agents/.skill-lock.json. This activity is strictly aligned with the skill's stated purpose of exporting current skill configurations. - [EXTERNAL_DOWNLOADS]: References agent mapping data from Vercel Labs' official GitHub repository to ensure CLI compatibility. Vercel Labs is a recognized trusted organization, and this reference is used for documentation purposes.
- [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it ingests data from
~/.agents/.skill-lock.json(Ingestion point) to generate executable shell commands (Capability). There are no boundary markers or explicit sanitization steps described in the workflow. However, as this is an export utility designed to process local configuration data, this behavior is considered part of its primary function and does not escalate the security risk.
Audit Metadata