Skills
skills/github/awesome-copilot/acreadiness-assess/Gen Agent Trust Hub

acreadiness-assess

Pass

Audited by Gen Agent Trust Hub on May 4, 2026

Risk Level: SAFEEXTERNAL_DOWNLOADSCOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [EXTERNAL_DOWNLOADS]: Fetches and executes the agentrc utility from the official Microsoft GitHub repository via npx to perform the readiness scan. This uses a trusted vendor source for repository analysis.
  • [COMMAND_EXECUTION]: Initiates shell commands to verify the Node.js environment and run the assessment tool. These commands are limited to the primary function of repo auditing.
  • [DATA_EXPOSURE]: Reads repository configuration and file structure to produce the readiness report. The resulting data is stored locally in reports/index.html and is not transmitted to external domains.
  • [PROMPT_INJECTION]: Identifies an indirect prompt injection surface where repository data (ingested via the AgentRC scan) is processed by the @ai-readiness-reporter agent to populate the report-template.html template. While the skill lacks explicit sanitization or boundary markers for this data, the output is a static local file, which limits the risk of instructions influencing the agent's system-level capabilities.
Audit Metadata
Risk Level
SAFE
Analyzed
May 4, 2026, 07:06 AM