setup-agent-skills
Pass
Audited by Gen Agent Trust Hub on May 14, 2026
Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill uses local shell commands like
git remote -vand checks for the availability ofgh,glab, andbd(Beads) CLI tools to discover the repository's configuration. - [EXTERNAL_DOWNLOADS]: The skill contains references and links to official CLI tools and documentation for well-known and trusted services such as GitLab.
- [PROMPT_INJECTION]: The skill ingests untrusted data from repository files like
AGENTS.md,CONTEXT.md, and.git/config, as well as content from external issue trackers (Ingestion points). It lacks explicit sanitization or boundary markers for this data. However, the risk associated with its capabilities (Capability inventory: writing toAGENTS.mdanddocs/agents/, and executing CLI commands) is mitigated by the skill's mandatory user-confirmation workflow, which requires a human to review all findings and draft content before any changes are finalized. - [SAFE]: No malicious patterns including obfuscation, unauthorized data exfiltration, or privilege escalation were detected. The skill's behavior is consistent with its stated purpose of repository scaffolding.
Audit Metadata