Skills
skills/lev-os/agents/workflow-dotfiles-sync/Gen Agent Trust Hub

workflow-dotfiles-sync

Pass

Audited by Gen Agent Trust Hub on Mar 21, 2026

Risk Level: SAFECOMMAND_EXECUTIONDATA_EXFILTRATIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill invokes system commands including git, chezmoi, and a local dotfiles helper via the Bash tool. These commands are used to inspect, commit, and apply configuration changes to the user's home directory and local dotfiles repository.
  • [DATA_EXFILTRATION]: Synchronizes the local dotfiles repository at /Users/jean-patricksmith/.local/share/chezmoi with a remote server using git push and git pull. This involves standard network activity required for repository synchronization.
  • [PROMPT_INJECTION]: The workflow presents an indirect prompt injection surface by reading and classifying file differences (dotfiles status) and Git status output.
  • Ingestion points: Data from dotfiles status and git -C ~/.local/share/chezmoi status is read into the agent context in SKILL.md steps 1 and 2.
  • Boundary markers: No explicit delimiters or instructions to ignore embedded content are present when processing file changes.
  • Capability inventory: The skill has access to Bash (for execution) and Write (for file modification) tools.
  • Sanitization: There is no evidence of sanitization or validation of the content being synchronized before it is processed or applied.
Audit Metadata
Risk Level
SAFE
Analyzed
Mar 21, 2026, 06:48 PM
Security Audit — agent-trust-hub — workflow-dotfiles-sync