skills/benbrastmckie/nvim/skill-spawn/Gen Agent Trust Hub

skill-spawn

Pass

Audited by Gen Agent Trust Hub on Apr 27, 2026

Risk Level: SAFE (COMMAND_EXECUTION, PROMPT_INJECTION)
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the Bash tool to perform complex state management operations. It uses jq to query and modify specs/state.json, creates directory structures with mkdir, and performs automated version control commits using git.
  • [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it processes untrusted data.
    • Ingestion points: User input from the blocker_prompt argument and task data from the .spawn-return.json file generated by an external subagent are ingested into the execution flow.
    • Boundary markers: No explicit delimiters or boundary markers are used to isolate untrusted data when it is interpolated into state files or documentation.
    • Capability inventory: The skill has access to shell execution (Bash), filesystem modification (Write, Edit), and agent delegation (Task).
    • Sanitization: Partial sanitization is performed on task titles using tr and sed to create filesystem-safe slugs, but no comprehensive sanitization is applied to other interpolated fields.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 27, 2026, 12:37 AM