skill-reviewer
Pass
Audited by Gen Agent Trust Hub on May 4, 2026
Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
- [PROMPT_INJECTION]: The skill operates by having the agent read and analyze external skill files (e.g., using
cat path/to/skill/SKILL.md), which creates an indirect prompt injection attack surface (Category 8). - Ingestion points: The
catcommand is specified in the workflow to load external skill content into the agent's context for review. - Boundary markers: No specific delimiters or instructions are used to signal the agent to ignore or isolate instructions found within the audited files.
- Capability inventory: The skill uses basic shell utilities (
ls,cat,grep,wc) to facilitate the auditing process. - Sanitization: Content from the files being reviewed is not sanitized or escaped before the agent processes it for quality assessment.
- [COMMAND_EXECUTION]: The skill instructions direct the agent to use standard local shell commands (
ls,cat,grep,wc) to inspect directory structures and document content. These operations are limited to the local filesystem and are appropriate for the tool's auditing purpose.
Audit Metadata