Skills
skills/belt-sh/skills/skill/Gen Agent Trust Hub

skill

Pass

Audited by Gen Agent Trust Hub on May 12, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: Documentation includes commands for the belt CLI tool, which is used to manage skill lifecycles (e.g., belt skill install, belt skill list).
  • [EXTERNAL_DOWNLOADS]: The skill facilitates fetching and installing content from the belt registry. These operations are inherent to the tool's purpose as a registry manager and interact with vendor-specific infrastructure.
  • [PROMPT_INJECTION]: The skill facilitates the ingestion of external data from the belt registry via the use and get commands. This creates an attack surface for indirect prompt injection, as content from retrieved skills enters the agent's context. Evidence: Ingestion points: belt skill use, belt skill get (SKILL.md); Boundary markers: absent; Capability inventory: Bash access; Sanitization: absent.
Audit Metadata
Risk Level
SAFE
Analyzed
May 12, 2026, 04:12 PM