skills/akillness/jeo-skills/semble/Gen Agent Trust Hub

semble

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill provides instructions to install the 'semble' package and its associated components from the official Python Package Index (PyPI) using package managers such as 'pip' and 'uv'.
  • [COMMAND_EXECUTION]: The installation and operation of the tool require several shell commands, including configuring Model Context Protocol (MCP) servers and executing search queries that interact with the local file system.
  • [DATA_EXFILTRATION]: The tool supports indexing and searching remote git repositories (e.g., via GitHub), which necessitates outbound network connectivity to retrieve and process codebase data.
  • [PROMPT_INJECTION]: The skill processes untrusted external data (source code from indexed repositories), creating a surface for indirect prompt injection. Maliciously crafted content in a processed repository could attempt to influence the agent's behavior.
  • Ingestion points: External code snippets are ingested into the agent context via the 'semble search' and 'semble find-related' tools (SKILL.md).
  • Boundary markers: The skill documentation does not provide specific delimiters or instructions to ignore embedded commands in the returned code chunks.
  • Capability inventory: The agent environment includes powerful capabilities such as 'Bash', 'Write', and 'WebFetch' tools (SKILL.md).
  • Sanitization: No validation or sanitization of the retrieved code content is mentioned before it is presented to the agent.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 17, 2026, 07:06 AM
Security Audit — agent-trust-hub — semble