pace-config
Pass
Audited by Gen Agent Trust Hub on Jun 25, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to execute various local shell commands for the 'pace' dashboard application, including status checks (
pace adapters list), configuration validation (pace config check), and service management (docker run,docker-compose restart,bun run dev). These commands are consistent with the skill's purpose of managing a local application. - [EXTERNAL_DOWNLOADS]: The configuration generated by the skill facilitates the dashboard's primary function: fetching data from third-party feeds such as RSS, Reddit, GitHub, and Mastodon. It also references a Docker image (
ghcr.io/av/pace:latest) associated with the skill's author. - [INDIRECT_PROMPT_INJECTION]: The application being configured has an inherent attack surface for indirect prompt injection.
- Ingestion points: Untrusted data is ingested from external adapters (RSS, Reddit, Mastodon, etc.) as defined in SKILL.md.
- Boundary markers: No specific boundary markers or 'ignore' instructions are provided in the generated LLM transform configurations in the examples.
- Capability inventory: The system performs network fetches and processes content through an LLM for summarization and filtering as described in the Transform reference section.
- Sanitization: No explicit sanitization of feed content before LLM processing is documented in the configuration templates. Users should be aware that malicious external content could potentially influence LLM summarization behavior.
Audit Metadata