programming
Pass
Audited by Gen Agent Trust Hub on Jun 17, 2026
Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
- [COMMAND_EXECUTION]: The skill provides explicit instructions for executing Bash scripts, Python utilities, and Nix tools. It defines rules for subshells, permissions, and environment selection (uv, poetry). While it facilitates arbitrary command execution, these are within the scope of repo-local development tasks.
- [EXTERNAL_DOWNLOADS]: The skill utilizes the Nix package manager (
nix run nixpkgs#...) to download and execute development tools such asshellcheck,rumdl,nurl, andstatix. These are sourced from the official Nixpkgs repository, an established and well-known service. - [PROMPT_INJECTION]: The skill possesses an indirect prompt injection surface as it is designed to read and process repository files which could contain untrusted data.
- Ingestion points: Reads repository files, Markdown documents, and Nix configurations (
SKILL.md). - Boundary markers: Not explicitly defined in the instructions, though the workflow emphasizes focused reference selection.
- Capability inventory: Capable of shell command execution, Python execution, and file system modifications across multiple scripts.
- Sanitization: None specified for file content processing, relying on the agent's internal safety layers.
Audit Metadata