Skills
skills/jazz1x/galmuri/audit/Gen Agent Trust Hub

audit

Pass

Audited by Gen Agent Trust Hub on May 7, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill utilizes the Bash tool to execute grep and other shell commands to inspect target files for destructive patterns. This is part of its core functionality as a static analysis auditor.
  • [EXTERNAL_DOWNLOADS]: The skill requires the PyYAML Python library and executes a local script scripts/preflight.sh to verify the environment. These are standard dependencies for its stated purpose.
  • [PROMPT_INJECTION]: The skill exhibits a surface for indirect prompt injection because it ingests and processes untrusted SKILL.md files from a user-provided path.
  • Ingestion points: Target files are read in Step 1 and their content is passed to an LLM helper in Step 2.
  • Boundary markers: Step 2 uses a structured prompt to guide the LLM to output only JSON, which provides some constraint on the output format.
  • Capability inventory: The skill has access to Read and Bash tools, and can write report files to the filesystem.
  • Sanitization: There is no evidence of content sanitization or filtering of the target files before they are analyzed by the LLM or passed to shell commands.
Audit Metadata
Risk Level
SAFE
Analyzed
May 7, 2026, 03:13 PM