woostack-status

Pass

Audited by Gen Agent Trust Hub on Jun 17, 2026

Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local bash scripts bundled within its directory to derive and display project status. It also invokes standard command-line utilities such as git, gh (GitHub CLI), and jq for parsing data.
  • [PROMPT_INJECTION]: The skill processes untrusted data from the repository (e.g., spec files and PR descriptions) which is then displayed to the agent. This represents an indirect prompt injection surface if an attacker influences these artifacts.
      • Ingestion points: Files in ".woostack/specs/", ".woostack/fixes/", and GitHub PR bodies.
      • Boundary markers: None explicitly implemented in the terminal output.
      • Capability inventory: Local bash script execution, "grep", "git", and "gh" tool usage.
      • Sanitization: Uses standard Unix utilities ("sed", "awk", "grep") for parsing.
  • [SAFE]: No malicious patterns such as obfuscation, exfiltration to untrusted domains, or persistence mechanisms were detected. The script is read-only and explicitly avoids making commits or pushes.
Audit Metadata
  • Risk Level: SAFE
  • Analyzed: Jun 17, 2026, 02:36 PM