agent-workloads
Pass
Audited by Gen Agent Trust Hub on Mar 18, 2026
Risk Level: SAFE
PROMPT_INJECTION, COMMAND_EXECUTION, EXTERNAL_DOWNLOADS
Full Analysis
- [PROMPT_INJECTION]: The skill interpolates user-supplied intent strings into shell commands, creating a potential command injection surface.
  1. Ingestion points: User intent parameter in SKILL.md.
  2. Boundary markers: Double quotes are used but are insufficient against shell metacharacters.
  3. Capability inventory: Use of joelclaw CLI for task planning and execution.
  4. Sanitization: Absent; no validation or escaping instructions.
- [COMMAND_EXECUTION]: The skill guides the agent in executing local CLI commands (joelclaw) to manage repository workflows and task dispatching.
- [EXTERNAL_DOWNLOADS]: The skill mentions npx skills add to install external extensions, which involves downloading code from remote registries.