agents-md

Pass

Audited by Gen Agent Trust Hub on Mar 8, 2026

Risk Level: SAFE
Flags: COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands to discover project structure and configuration metadata.
  • Evidence: Uses commands like ls -la, cat package.json, and ls .github/workflows/ to identify the project's build, test, and linting environment.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes untrusted local files to generate instructions for AI agents.
  • Ingestion points: Reads data from files such as package.json, README.md, CONTRIBUTING.md, and other project configuration files via the Read tool.
  • Boundary markers: Content from these files is interpolated into the generation process without explicit delimiters or instructions to ignore embedded commands.
  • Capability inventory: The skill has access to powerful tools including Bash, Write, and Edit.
  • Sanitization: No sanitization or escaping of the ingested text is performed.
  • Mitigation: The workflow requires a manual confirmation step ('Phase 3: Present and Confirm') where the user must review the generated content before any file write operations occur.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Mar 8, 2026, 06:20 PM