Skills
skills/vamseeachanta/workspace-hub/gsd-reapply-patches/Gen Agent Trust Hub

gsd-reapply-patches

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses bash script snippets to locate backup directories within various standard configuration paths (e.g., $HOME/.config/opencode/gsd-local-patches). These shell operations are limited to directory existence checks.
  • [PROMPT_INJECTION]:
  • Ingestion points: Reads configuration metadata from backup-meta.json and content from user-modified patch files stored in local configuration directories.
  • Boundary markers: The instructions do not specify any delimiters or warnings to ignore embedded instructions within the ingested file content.
  • Capability inventory: The skill has permissions for file system read/write operations, directory detection via shell, and the ability to spawn sub-agents for task execution.
  • Sanitization: No explicit sanitization, validation, or filtering is performed on the content being merged from the patch files.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 04:34 AM