guard
Pass
Audited by Gen Agent Trust Hub on May 3, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill utilizes PreToolUse hooks to execute scripts (check-careful.sh and check-freeze.sh) from sibling directories. These scripts are run before the Bash, Edit, or Write tools to verify safety constraints.
- [COMMAND_EXECUTION]: Local telemetry, including skill usage and repository names, is appended to ~/.gstack/analytics/skill-usage.jsonl via shell commands.
- [COMMAND_EXECUTION]: A potential command injection risk exists in the setup process, where the agent is instructed to resolve a user-provided directory path using a shell subshell: FREEZE_DIR=$(cd "" ...). Untrusted input in this field could lead to unintended command execution.
  - Ingestion points: Directory path input from AskUserQuestion.
  - Boundary markers: Absent; the path is not wrapped in markers or accompanied by instructions to ignore embedded commands.
  - Capability inventory: Access to the Bash tool and local file system write access.
  - Sanitization: None; the input is interpolated directly into the command string.
Audit Metadata