Skills
skills/0froq/skills/end-my-day/Gen Agent Trust Hub

end-my-day

Pass

Audited by Gen Agent Trust Hub on Apr 3, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses the simple-git library to perform repository operations including git add, git commit, and git push. These operations are limited to the local repository and its configured origin, used solely to maintain the daily review state and project documentation.
  • [PROMPT_INJECTION]: The skill reads and analyzes the content of Markdown files from multiple directories to verify task completion, which presents an inherent surface for indirect prompt injection.
  • Ingestion points: The skill scans and reads Markdown files in docs/corpus, docs/posts, and docs/dashboard using readFileSync in lib/scan.ts and lib/verify.ts.
  • Boundary markers: Document content is processed without specific boundary markers or instructions to ignore embedded commands.
  • Capability inventory: The skill has the capability to write to the file system (writeFileSync) and perform network operations via git push.
  • Sanitization: No sanitization or validation of the ingested Markdown content is performed prior to analysis.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 3, 2026, 07:59 AM