Skills
skills/jackchuka/skills/p-ego-search/Gen Agent Trust Hub

p-ego-search

Pass

Audited by Gen Agent Trust Hub on May 30, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill instructs the agent to run the GitHub CLI (gh) and a local Python script (scripts/skillctx-resolve.py) to perform search operations and manage configuration. It interpolates keywords and organization names into these commands.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection as it retrieves and processes content from external sources (Slack, Fireflies, GitHub). It includes specific mitigation instructions to paraphrase retrieved content and explicitly ignore any instructions contained within it.
  • [DATA_EXFILTRATION]: The skill accesses local configuration files in the standard ~/.config/skillctx/ directory to resolve variables like keywords and organizations. There is no evidence of unauthorized data transmission to external servers; retrieved search results are presented directly to the user.
Audit Metadata
Risk Level
SAFE
Analyzed
May 30, 2026, 01:40 AM
Security Audit — agent-trust-hub — p-ego-search