polish-skill-md
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTIONEXTERNAL_DOWNLOADS
Full Analysis
- [COMMAND_EXECUTION]: The skill instructions direct the agent to execute the
npx skills addcommand during the verification phase to ensure the polished skill is correctly registered. - [PROMPT_INJECTION]: The skill exhibits an attack surface for indirect prompt injection because it reads and processes external
SKILL.mdfiles which may contain untrusted instructions. - Ingestion points: The 'Intake' step (defined in
SKILL.mdandreferences/workflow.md) reads existing manifest files from the local directory. - Boundary markers: There are no explicit markers or 'ignore' instructions specified to encapsulate the content of the files being processed.
- Capability inventory: The skill has file read and write permissions for refactoring tasks and shell command execution capabilities.
- Sanitization: The instructions do not define any validation or sanitization procedures for the content extracted from target manifest files.
- [EXTERNAL_DOWNLOADS]: The use of
npx skillsinvolves fetching and executing a package from the npm registry if it is not already available locally.
Audit Metadata