command-center

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFE PROMPT_INJECTION COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill processes internal state files to generate a status dashboard, creating a potential surface for indirect prompt injection if those files contain data from external sources.
      • Ingestion points: scripts/command_center.py reads tasks.json, last-run.json, and errors.json from the .agent/state/ directory.
      • Boundary markers: The script interpolates data directly into the markdown output without using delimiters or instructions to the agent to ignore embedded instructions.
      • Capability inventory: The agent context typically includes powerful tools like shell execution and file system access, which could be triggered by injected instructions.
      • Sanitization: The script does not sanitize or validate strings like task descriptions or error reasons before including them in the dashboard.
  • [COMMAND_EXECUTION]: The script executes a local command to identify the project root.
      • Evidence: subprocess.check_output(['git', 'rev-parse', '--show-toplevel']) in scripts/command_center.py.
      • Context: The execution uses a fixed list of arguments and does not invoke a shell, which is a safe practice for programmatic CLI interaction.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 12, 2026, 07:18 AM