Skills
skills/huggingface/openenv/alignment-review/Gen Agent Trust Hub

alignment-review

Pass

Audited by Gen Agent Trust Hub on Jun 18, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • Execution of Local Scripts: The skill is configured to execute local shell scripts, specifically lint.sh and check-debug.sh, located in the .claude/hooks/ directory. This is a common pattern for integrating automated quality assurance and linting into a development workflow. Users should ensure that these hook files are maintained with trusted content.
  • Indirect Prompt Injection Surface: The skill processes external data in the form of code changes (diffs) and repository files, which serves as a surface for indirect prompt injection. Maliciously crafted comments in a code change could attempt to influence the agent's behavior.
  • Ingestion points: SKILL.md (via instructions to analyze git diff and read files in rfcs/ and .claude/docs/).
  • Boundary markers: Absent; the instructions do not define specific delimiters to separate untrusted code content from the analysis instructions.
  • Capability inventory: SKILL.md (utilizes Bash, Read, Grep, and Glob tools to execute hooks and scan the file system).
  • Sanitization: Absent; no explicit filtering or validation of the input code or document content is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 18, 2026, 03:06 PM
Security Audit — agent-trust-hub — alignment-review