resume

Pass

Audited by Gen Agent Trust Hub on May 13, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, PROMPT_INJECTION

Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands such as git rev-parse --show-toplevel and git status --porcelain to resolve the project root and perform environment preflight checks. These are standard operations for the skill's intended purpose of resuming development work.
  • [EXTERNAL_DOWNLOADS]: The README provides installation instructions using npx skills@latest add amit-t/skills --skill resume. This refers to the author's own repository and is a standard way to add skills in this environment.
  • [PROMPT_INJECTION]: The skill ingests untrusted data from local handoff files, creating a potential surface for indirect prompt injection.
      • Ingestion points: Reads content and YAML frontmatter from markdown files located in .claude/handoffs/.
      • Boundary markers: None identified in the instructions for displaying handoff summaries to the agent.
      • Capability inventory: Executes git shell commands and file system operations (mkdir, mv) as defined in SKILL.md.
      • Sanitization: No explicit sanitization or validation of the handoff file content is mentioned before it is summarized and presented to the agent.

Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 13, 2026, 02:28 PM