Skills
skills/benbrastmckie/.config/skill-status-sync/Gen Agent Trust Hub

skill-status-sync

Pass

Audited by Gen Agent Trust Hub on Mar 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill defines Bash scripts that interpolate variables like {task_number} and {target_status} directly into shell command strings and jq filters. This allows for potential command injection if the agent populates these fields with malicious shell sequences. Examples include grep -n "^### {task_number}." and jq --arg status "{target_status}".\n- [PROMPT_INJECTION]: The skill has an indirect prompt injection surface because it reads and processes data from external files (specs/state.json, specs/TODO.md).\n
  • Ingestion points: Reads from specs/state.json and specs/TODO.md.\n
  • Boundary markers: No delimiters or instructions are used to separate data from commands when processing these files.\n
  • Capability inventory: Full Bash shell access, file reading, and file editing via the Edit tool.\n
  • Sanitization: No validation or sanitization is performed on the data retrieved from files before it is used in subsequent logic.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 18, 2026, 01:57 PM