skills-engineering

Pass

Audited by Gen Agent Trust Hub on Jun 12, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a bash script, generate.sh, to manage phase routing and execute local script acceptance tests during the evaluation phase. This activity is standard for a development tool and is confined to the local environment.
  • [PROMPT_INJECTION]: The skill includes an indirect prompt injection surface because it reads and processes external files (spec.md, SKILL.md) to generate instructions for subagents. Ingestion points: content from the target skill path is read during various phases. Boundary markers: no explicit delimiters are used to wrap external content. Capability inventory: includes the ability to execute shell scripts and write files. Sanitization: content is interpolated into prompts without sanitization.
  • [SAFE]: Analysis of the skill reveals no malicious behavior, data exfiltration, or persistence mechanisms. The skill's implementation aligns with its purpose as a utility for engineering other agent skills.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 12, 2026, 09:14 PM
Security Audit — agent-trust-hub — skills-engineering