converting-commands-to-skills

Pass

Audited by Gen Agent Trust Hub on May 9, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it reads and transforms instructions from untrusted source files (slash commands) and writes them into new skill files.
    • Ingestion points: Source command files located in ./commands/ and ~/.claude/commands/ are ingested at runtime.
    • Boundary markers: Absent. The skill instructions do not specify the use of delimiters or instructions to ignore embedded prompts in the source data during transformation.
    • Capability inventory: The skill relies on Write and Bash tools to manage migration and executes a Python script via an automated hook.
    • Sanitization: Absent. The provided transformation rules focus on naming and YAML metadata structure rather than the sanitization of instructional content.
  • [COMMAND_EXECUTION]: The skill defines a PostToolUse hook that automatically executes a local Python validation script (scripts/validate-frontmatter.py) whenever the Write tool is used. This automated execution is a platform feature used here for metadata enforcement.
  • [COMMAND_EXECUTION]: The skill's operational instructions direct the agent to use standard shell commands such as ls, cat, and find to perform file system discovery and migration tasks.
Audit Metadata
Risk Level: SAFE
Analyzed: May 9, 2026, 12:58 AM