gsd-thread

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFE, COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses shell commands like ls, cat, mkdir, and node to handle file operations and metadata management.
  • [DATA_EXFILTRATION]: In resume mode, the skill executes cat on a path constructed using user-provided input (${THREAD_NAME}). This presents a path traversal risk if the agent does not sanitize the input to prevent access to files outside the intended .planning/threads/ directory.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface because it loads the content of existing thread files into the agent's context without using boundary markers.
    • Ingestion points: Contents of files in .planning/threads/ read via the cat command in the resume mode.
    • Boundary markers: None identified in the process instructions.
    • Capability inventory: Shell command execution (ls, cat, mkdir), file writing (cat >), and execution of a local Node.js script (gsd-tools.cjs).
    • Sanitization: No sanitization or validation of the file content is performed before it is ingested into the active session context.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 3, 2026, 04:33 AM