skills/wyattowalsh/agents/add-badges/Gen Agent Trust Hub

add-badges

Pass

Audited by Gen Agent Trust Hub on Apr 20, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local developer tools like git and the GitHub CLI (gh) to retrieve repository status and metadata. These commands are executed via the detect.py script and PreToolUse hooks using safe, list-based argument passing.
  • [EXTERNAL_DOWNLOADS]: The validate-badges.py script performs network HEAD requests to verify the availability of badge URLs. These requests are restricted to a predefined list of well-known technology domains (e.g., shields.io, codecov.io) and are necessary for the skill's validation functionality.
  • [DATA_EXFILTRATION]: The detect.py script reads local project configuration files (such as .git/config and package.json) to extract metadata for badge generation. No sensitive information or credentials are sent to external or untrusted servers.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes project manifest files and modifies the README.md file, which represents a standard vulnerability surface for indirect prompt injection.
    • Ingestion points: The skill reads package.json, pyproject.toml, and other manifest files in the project root.
    • Boundary markers: Explicit markers to ignore embedded instructions are not used during metadata processing.
    • Capability inventory: The skill is capable of modifying the filesystem (README.md) and executing CLI tools.
    • Sanitization: The skill performs technical extraction of version numbers and package names, which reduces the risk of executable content injection from these sources.

Audit Metadata
Risk Level: SAFE
Analyzed: Apr 20, 2026, 03:07 AM