divine-mobile-guide-creator

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches source code from the divine-mobile repository on GitHub.
  • Evidence: Uses git clone --depth 1 https://github.com/divinevideo/divine-mobile in SKILL.md to collect source material for the guide.
  • [COMMAND_EXECUTION]: Executes shell commands for build automation and version control within the local blog environment.
  • Evidence: Employs mktemp for workspace creation, jekyll build for site verification, and git add/commit/push to update the repository at /home/blog.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it processes and summarizes content from an external repository.
  • Ingestion points: Reads documentation and configuration files (e.g., README.md, docs/*.md, pubspec.yaml) from the cloned divinevideo/divine-mobile repository.
  • Boundary markers: There are no explicit markers or delimiters used to separate the ingested remote content from the agent's internal instructions.
  • Capability inventory: The agent has the ability to write files to the blog directory, execute build commands, and perform network operations via git push.
  • Sanitization: The skill contains proactive instructions to mask specific secrets like CF_STREAM_TOKEN, which is a security best practice, but it lacks general validation or sanitization for arbitrary text found in the repo's documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 16, 2026, 08:08 AM
Security Audit — agent-trust-hub — divine-mobile-guide-creator