gsp-brand-sync
Pass
Audited by Gen Agent Trust Hub on May 15, 2026
Risk Level: SAFE, COMMAND_EXECUTION, PROMPT_INJECTION
Full Analysis
- [SAFE]: The skill features a strong safety rule that prevents any brand modifications without explicit user confirmation after a report is presented.
- [COMMAND_EXECUTION]: Local shell tools like `bash` and `grep` are utilized for analyzing code and managing file structures within the project scope.
- [PROMPT_INJECTION]: An indirect prompt injection surface exists as the skill processes unvalidated strings from the project codebase.
  - Ingestion points: Project source files, style sheets, and user-facing copy analyzed in Step 1.
  - Boundary markers: No delimiters or instructions are used to isolate project data from instructions.
  - Capability inventory: The skill uses `Write`, `Edit`, and `Bash` tools.
  - Sanitization: Ingested data is used directly for qualitative assessment without sanitization.
Audit Metadata