skills/entireio/skills/recall/Gen Agent Trust Hub

recall

Pass

Audited by Gen Agent Trust Hub on Jun 14, 2026

Risk Level: SAFE
Full Analysis
  • [PROMPT_INJECTION]: The skill is built with protections against indirect prompt injection.
  • Ingestion points: Processes potentially untrusted data from search results, repository transcripts, and repository content (SKILL.md).
  • Boundary markers: Explicit instructions are provided to treat all command output and search results as untrusted and to never follow instructions found within them (SKILL.md).
  • Capability inventory: Uses subprocess execution for git and entire CLI tools (SKILL.md).
  • Sanitization: Requires the agent to strip or escape shell-sensitive characters like backticks, subshells, and semicolons from user task descriptions before command substitution (SKILL.md).
  • [COMMAND_EXECUTION]: The skill executes git and vendor-provided entire CLI commands. It mitigates injection risks by instructing the agent to validate and escape user-supplied strings before they are executed in a shell context.
  • [EXTERNAL_DOWNLOADS]: The skill references the official documentation for the vendor's CLI tool at https://entire.io/docs/cli for installation instructions.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 14, 2026, 05:31 PM
Security Audit — agent-trust-hub — recall