Skills
skills/zereight/gitlab-mcp/skill-stocktake/Gen Agent Trust Hub

skill-stocktake

Pass

Audited by Gen Agent Trust Hub on Apr 28, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill employs standard shell utilities such as ls, grep, diff, wc, and xargs to perform repository audits. These commands are used for non-destructive operations like counting files, validating frontmatter patterns, and comparing directory listings to ensure template synchronization.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes content from local repository files to generate health reports.
  • Ingestion points: Reads SKILL.md files within .github/skills/ and vscode-omg/resources/templates/skills/, as well as .github/copilot-instructions.md.
  • Boundary markers: None; the skill reads files directly using text processing tools.
  • Capability inventory: Limited to read-only shell commands and local directory comparisons. No capabilities for network access, file modification, or arbitrary code execution were detected.
  • Sanitization: None; the skill assumes the local project files are trusted for the purpose of internal auditing.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 28, 2026, 10:25 AM