skills/webriq/claude-skills/ship/Gen Agent Trust Hub

ship

Pass

Audited by Gen Agent Trust Hub on Mar 24, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION, EXTERNAL_DOWNLOADS
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands including pnpm build, pnpm typecheck, pnpm lint, and various git and gh (GitHub CLI) operations for branch management and Pull Request creation.
  • [PROMPT_INJECTION]: Indirect prompt injection surface detected. The skill ingests data from local markdown files (TASKS.md, task documents, test reports) and interpolates this content into shell commands (e.g., gh pr create titles and bodies). A malicious task document could attempt to influence agent behavior or cause command injection during the deployment process.
      • Ingestion points: Reads TASKS.md, docs/task/*.md, and docs/testing/*.md to resolve IDs and generate PR content.
      • Boundary markers: Absent. No explicit delimiters or instructions to ignore embedded commands in the processed data were found in the instructions.
      • Capability inventory: Full shell execution via pnpm, git, and gh. File read/write access to project documentation and configuration.
      • Sanitization: No evidence of input validation or escaping for data interpolated into shell commands.
  • [EXTERNAL_DOWNLOADS]: References external agent skills from Vercel Labs and Supabase repositories for React and Postgres best practices.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 24, 2026, 02:05 AM