setup-benny
Pass
Audited by Gen Agent Trust Hub on Jun 24, 2026
Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill involves the agent performing file management tasks, such as merging source packs into a target repository and updating '.cursor/settings.json' to enable the 'pstack' plugin.
- [PROMPT_INJECTION]: The automations configured by this skill process external, untrusted data from Slack and issue trackers. The skill addresses this indirect prompt injection attack surface by requiring a 'triage marker' (e.g., [benny:bug]) to gate autonomous actions and pull request creation, though it relies on external operational files for specific sanitization logic.
- [SAFE]: The skill implements strong security best practices, explicitly forbidding the hardcoding of secrets and instructing the agent to use secure environment variables or secret managers for sensitive credentials.
Audit Metadata