skills/fallow-rs/fallow-skills/fallow/Gen Agent Trust Hub

fallow

Pass

Audited by Gen Agent Trust Hub on May 22, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: The skill recommends installing the 'fallow' tool via global npm installation, 'npx', or 'cargo'. It also references the '@fallow-cli/fallow-node' package for Node.js integrations and a JSON schema hosted on the vendor's GitHub repository.
  • [COMMAND_EXECUTION]: The skill instructs the agent to execute various 'fallow' CLI commands (e.g., 'dead-code', 'dupes', 'health', 'audit') to perform static and dynamic analysis on the local codebase.
  • [DATA_EXFILTRATION]: Certain commands ('license activate', 'coverage upload-inventory', 'upload-source-maps') facilitate interaction with 'api.fallow.cloud' for license management and cloud-based analysis features. These operations are consistent with the tool's described functionality for cloud runtime monitoring and use the vendor's official domain.
  • [PROMPT_INJECTION]: The skill is designed to ingest and analyze data from the local project, which constitutes an indirect prompt injection surface.
  • Ingestion points: Local project source code files, '.fallowrc.json', 'package.json', and 'pnpm-workspace.yaml'.
  • Boundary markers: Rule 8 in the main instructions explicitly directs the agent to treat project configuration as untrusted input and avoid relying on instructions within remote configuration content.
  • Capability inventory: Shell command execution for analysis and auto-fixing code, and configuration file generation.
  • Sanitization: The skill does not implement specific sanitization of the analyzed files, relying on the internal logic of the 'fallow' CLI tool.
Audit Metadata
Risk Level
SAFE
Analyzed
May 22, 2026, 05:46 AM
Security Audit — agent-trust-hub — fallow