skills/camacho/ai-skills/orient/Gen Agent Trust Hub

orient

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFE
COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes shell commands including 'gh issue view', 'ls', and 'tail' to retrieve issue metadata, search for Architecture Decision Records (ADRs), and read recent memory logs from the workspace.
  • [PROMPT_INJECTION]: The skill exposes a surface for indirect prompt injection because it ingests and acts upon untrusted data from external GitHub issues.
      • Ingestion points: Output of 'gh issue view' containing issue titles and bodies (SKILL.md).
      • Boundary markers: Not present; issue content is integrated directly into the orientation process without delimiters or instructions to ignore embedded commands.
      • Capability inventory: File system listing (ls), file reading (tail), and GitHub CLI interactions (gh).
      • Sanitization: No sanitization or validation of the fetched issue content is performed, allowing potentially malicious descriptions to influence routing and task classification logic.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 4, 2026, 06:34 AM