skills/hungv47/meta-skills/discover/Gen Agent Trust Hub

discover

Pass

Audited by Gen Agent Trust Hub on May 16, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: Analysis of the skill's instructions, agent logic, and reference playbooks found no evidence of malicious code, data exfiltration, or unauthorized command execution. The skill is designed for conversational discovery and operates within its intended scope.\n- [PROMPT_INJECTION]: The skill features an attack surface for indirect prompt injection, as it is designed to ingest data from local project files which could contain untrusted instructions.\n
  • Ingestion points: According to Step 1 in SKILL.md, the agent scans the codebase for package.json, CLAUDE.md, and artifacts within the skills-resources/ directory to gather context.\n
  • Boundary markers: The skill does not utilize explicit delimiters or 'ignore instructions' directives when reading content from these local files.\n
  • Capability inventory: The skill is granted access to the Bash, Read, Grep, and Glob tools, and it invokes a sub-agent defined in agents/idea-critic.md.\n
  • Sanitization: Data gathered from the local environment is included in the prompt context without sanitization or validation of its contents.\n- [EXTERNAL_DOWNLOADS]: The skill playbooks located in references/operator-playbooks/ contain URL references to X (Twitter) and GitHub. These are used as primary sources of information for the scoping frameworks (e.g., Y Combinator, Sahil Lavingia) and do not represent a remote code execution risk.
Audit Metadata
Risk Level
SAFE
Analyzed
May 16, 2026, 01:33 AM
Security Audit — agent-trust-hub — discover