tool-scout
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ingestion of untrusted data from external sources. It reads and processes content from web search results, GitHub repository listings, and specific repository README files to extract tool information. This content is then used to generate tables and reports for the user.
- Ingestion points: SKILL.md (Step 3 and Step 4) fetches data from external web queries and GitHub repository READMEs.
- Boundary markers: Absent. The skill instructions do not include delimiters or directives for the agent to ignore instructions that might be embedded in the fetched external content.
- Capability inventory: The skill can execute gh CLI commands, perform web searches, and spawn subagents for detailed tool reports.
- Sanitization: Absent. The skill does not specify any sanitization or validation of the fetched external text before it is processed by the AI.
Audit Metadata