publish-skill

Pass

Audited by Gen Agent Trust Hub on May 5, 2026

Risk Level: SAFE · COMMAND_EXECUTION · PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes a bundled local script, scripts/audit_skill.sh, to perform text-based PII scans. This is the core functionality of the skill and is executed within the local environment using the Bash tool. The script uses standard utilities like grep, find, and optionally exiftool to identify sensitive data patterns.
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface as it is designed to read and process arbitrary content from a user-specified 'source skill' directory.
      • Ingestion points: Reads SKILL.md and all files recursively from a user-provided path via the Read and Grep tools.
      • Boundary markers: None identified; the skill processes the raw content of the audited files.
      • Capability inventory: The skill has access to Bash, Read, Write, Edit, and Glob tools.
      • Sanitization: The audit script includes a false-positive guard using grep --binary-files=without-match and explicitly excludes certain directories like .git and __pycache__ to avoid processing binary blobs as text.
Audit Metadata
Risk Level: SAFE
Analyzed: May 5, 2026, 12:27 PM
Security Audit — agent-trust-hub — publish-skill