skill-extract-scripts
Pass
Audited by Gen Agent Trust Hub on Mar 23, 2026
Risk Level: SAFEPROMPT_INJECTION
Full Analysis
- [PROMPT_INJECTION]: The skill processes external content from other skill files, which creates a surface for indirect prompt injection where malicious instructions in the target file could influence the agent during the extraction process.
- Ingestion points: Reads target skill files as specified in Step 1.
- Boundary markers: Absent; the skill does not define specific delimiters or instructions to ignore embedded commands within the files it reads.
- Capability inventory: The agent performs file reading, creation of new shell scripts, and modification of existing skill files.
- Sanitization: Absent; there is no step involving the escaping or validation of the content being extracted from the target skill.
- [SAFE]: The skill promotes secure and resilient DevOps practices by providing detailed instructions for writing location-independent scripts, using strict shell execution modes (set -euo pipefail), and implementing robust argument validation.
Audit Metadata