cmd-suggest
Pass
Audited by Gen Agent Trust Hub on Apr 27, 2026
Risk Level: SAFE
COMMAND_EXECUTION
Full Analysis
- [COMMAND_EXECUTION]: The skill instructs the agent to create and write to a file named 'suggest.md' in the repository to store analysis results.
- [INDIRECT_PROMPT_INJECTION]: The skill analyzes local repository content which acts as untrusted data, creating an attack surface for indirect prompt injection.
  - Ingestion points: Comprehensive analysis of repository files as specified in SKILL.md.
  - Boundary markers: There are no explicit delimiters or instructions provided to the agent to disregard instructions found within the analyzed files.
  - Capability inventory: The skill utilizes file reading for analysis and file writing to 'suggest.md' as specified in SKILL.md.
  - Sanitization: The skill does not implement or require any sanitization of the content read from the repository before processing.
Audit Metadata