skills/garagon/nanostack/feature/Gen Agent Trust Hub

feature

Pass

Audited by Gen Agent Trust Hub on May 14, 2026

Risk Level: SAFE
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes a PreToolUse hook to execute a local script, enforce-sprint.sh, which acts as a gatekeeper for git operations. This script ensures compliance with the sprint workflow by checking for the existence and recency of required artifacts before allowing git add or git commit commands.
  • [INDIRECT_PROMPT_INJECTION]: The skill exposes an attack surface for indirect prompt injection because it reads project artifacts and source code to establish context for the feature request.
    • Ingestion points: Per SKILL.md (Step 1), artifacts are retrieved via find-artifact.sh, and the codebase is read directly if artifacts are missing.
    • Boundary markers: No specific delimiters or warnings to ignore embedded instructions are provided when reading this content.
    • Capability inventory: The agent can execute shell commands (subject to the hook) and invoke other specialized skills like nano, review, security, qa, and ship using the Skill tool.
    • Sanitization: No explicit sanitization or filtering of the ingested content is performed before passing context to subsequent skills.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: May 14, 2026, 06:46 AM