sync-conventions

Pass

Audited by Gen Agent Trust Hub on Apr 25, 2026

Risk Level: SAFE
COMMAND_EXECUTION, DATA_EXFILTRATION, PROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill uses git diff and git diff --staged to identify changes in the project structure and coding style.
  • [DATA_EXFILTRATION]: The skill reads source code, test files, and git diffs to analyze project-specific patterns. This exposes the content of the local filesystem to the agent's context for processing. No network exfiltration tools or external endpoints were detected in the instructions.
  • [PROMPT_INJECTION]: The skill is susceptible to indirect prompt injection because it processes untrusted data (source code and git output) to infer rules.
      • Ingestion points: Reads arbitrary source and test files within the project, as well as the output of git commands (SKILL.md, Step 2).
      • Boundary markers: No specific delimiters or safety instructions are used to isolate content read from files from the agent's internal instructions.
      • Capability inventory: The skill can execute shell commands (git) and perform file system write operations (CONVENTIONS-*.md).
      • Sanitization: No sanitization or validation of the input read from the codebase is mentioned before processing it for convention updates.
Audit Metadata
  Risk Level: SAFE
  Analyzed: Apr 25, 2026, 02:32 PM