setup-ashieslashy-skills
Pass
Audited by Gen Agent Trust Hub on May 20, 2026
Risk Level: SAFE
Full Analysis
- [SAFE]: No security issues were detected in the skill instructions or assets.
- [DATA_EXPOSURE]: The skill manages methodology in AGENTS.md files. The provided template (assets/templates/global-architect-agents.md) explicitly instructs the agent to protect secrets and avoid printing sensitive environment dumps or credential paths.
- [PROMPT_INJECTION]: The instructions focus on file resolution and methodology merging. It includes clear guardrails such as 'never silently replace' and 'write only after explicit approval', which mitigate unintended behavior.
- [COMMAND_EXECUTION]: While the skill mentions various developer CLI tools (git, rg, jq, etc.) as preferred utilities for the agent, it does not execute high-risk commands or perform unauthorized actions.
- [REMOTE_CODE_EXECUTION]: No remote code downloads or execution patterns were found. The mention of 'npx skills' is a user-directed installation step described in the documentation, not a background operation of the skill itself.
Audit Metadata