skf-export-skill

Pass

Audited by Gen Agent Trust Hub on May 6, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill processes local skill files (SKILL.md, metadata.json) and interpolates their content into the agent's passive context files. This constitutes a potential indirect prompt injection surface.
      • Ingestion points: Text is extracted from SKILL.md headings and metadata.json fields in step-03.
      • Boundary markers: The process uses <!-- SKF:BEGIN --> and <!-- SKF:END --> markers for content isolation in target files as defined in assets/managed-section-format.md.
      • Capability inventory: The skill modifies sensitive configuration files like CLAUDE.md, .cursorrules, and AGENTS.md in step-04.
      • Sanitization: While no explicit sanitization of the input strings is mentioned, the risks are inherent to the skill's utility and are mitigated by the use of clear markers and developer-controlled execution.
  • [COMMAND_EXECUTION]: The workflow suggests distribution via npx skills commands in step-06. These are developer-facing instructions for sharing skills and do not represent automated or hidden execution.
  • [SAFE]: The skill implements logic to detect orphaned configuration files and provides a controlled mechanism for their cleanup. It preserves all user-authored content outside of the designated SKF markers.
Audit Metadata
Risk Level: SAFE
Analyzed: May 6, 2026, 03:13 AM