skills/fradser/dotclaude/get-context/Gen Agent Trust Hub

get-context

Pass

Audited by Gen Agent Trust Hub on Jun 16, 2026

Risk Level: SAFE, PROMPT_INJECTION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents an indirect prompt injection surface through the ingestion of untrusted data.
      • Ingestion points: Raw user input via $ARGUMENTS and content from local dependency manifests (package.json, go.mod, pyproject.toml, Cargo.toml) as described in SKILL.md.
      • Boundary markers: No delimiters or safety warnings are present to isolate interpolated content from agent instructions.
      • Capability inventory: The skill facilitates remote data access via git clone and external search tools through a delegated agent.
      • Sanitization: No input validation or content sanitization is observed.
  • [COMMAND_EXECUTION]: The skill enables the execution of commands such as git clone and utilizes external research tools (DeepWiki, Context7, Exa) based on user-supplied arguments. This capability can be leveraged to interact with arbitrary remote repositories or services if the delegated agent does not validate the target source.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 16, 2026, 05:42 AM