skills/howells/arc/build/Gen Agent Trust Hub

build

Pass

Audited by Gen Agent Trust Hub on Apr 12, 2026

Risk Level: SAFE | PROMPT_INJECTION | COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill presents a surface for indirect prompt injection by ingesting untrusted content from the repository. This data is used to inform agent decisions without explicit boundary markers or sanitization.
      • Ingestion points: .ruler/*.md, rules/interface/*.md, and project source files.
      • Boundary markers: Absent.
      • Capability inventory: File system access, shell command execution (git, pnpm, npm), and sub-agent orchestration.
      • Sanitization: Absent.
  • [COMMAND_EXECUTION]: The skill executes standard development commands including git (branching, commits, worktrees), pnpm (testing, type-checking, linting), and npm. These are routine operations for the skill's intended functionality of building and verifying software components.
Audit Metadata
Risk Level: SAFE
Analyzed: Apr 12, 2026, 06:57 PM