Skills
skills/dmmulroy/.dotfiles/setup-matt-pocock-skills/Gen Agent Trust Hub

setup-matt-pocock-skills

Pass

Audited by Gen Agent Trust Hub on Jun 13, 2026

Risk Level: SAFEDATA_EXFILTRATIONCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [DATA_EXFILTRATION]: The skill reads .git/config and runs git remote -v to identify the repository's origin. While standard for repository analysis, the .git/config file is a sensitive path that may contain credentials, access tokens, or private repository URLs.
  • [COMMAND_EXECUTION]: The skill executes git remote -v to gather information about the repository environment. Additionally, it provides templates that instruct the agent to use the gh and glab CLI tools for issue management.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection due to its ingestion of untrusted repository data.
  • Ingestion points: Reads content from AGENTS.md, CLAUDE.md, CONTEXT.md, CONTEXT-MAP.md, and the docs/adr/ directory to understand the project state.
  • Boundary markers: None identified in the prompt instructions to distinguish between the skill's instructions and the content of the files being read.
  • Capability inventory: The skill has file-write capabilities, modifying AGENTS.md or CLAUDE.md and creating several files in the docs/agents/ directory.
  • Sanitization: No explicit sanitization or validation of the ingested file content is performed before it is presented to the user or used to generate new documentation.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 13, 2026, 07:56 AM
Security Audit — agent-trust-hub — setup-matt-pocock-skills