sharehtml-collaboration

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE
COMMAND_EXECUTION, EXTERNAL_DOWNLOADS, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill relies on the sharehtml CLI tool to perform its operations, executing commands such as deploy, diff, pull, comments, and list to interact with the managed documents.
  • [EXTERNAL_DOWNLOADS]: The skill retrieves remote document content and metadata from an external service via the sharehtml pull and sharehtml comments commands.
  • [DATA_EXFILTRATION]: Local document files are transmitted to a remote service using the sharehtml deploy command as part of the skill's primary function. The skill mitigates risks by instructing the agent to keep documents private by default and requiring explicit user authorization before making files shareable.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface through the processing of untrusted remote feedback.
    • Ingestion points: The skill reads external data via the sharehtml comments <id> --json command in SKILL.md.
    • Boundary markers: No specific delimiters or "ignore instructions" warnings are provided for the fetched comment data.
    • Capability inventory: The skill possesses the capability to execute shell commands and modify local files via the sharehtml CLI, as documented in SKILL.md.
    • Sanitization: There is no mention of sanitization or validation of the fetched comment content before it is processed by the agent.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 9, 2026, 10:35 AM