skills/mblode/agent-skills/tidy/Gen Agent Trust Hub

tidy

Pass

Audited by Gen Agent Trust Hub on Jul 2, 2026

Risk Level: SAFECOMMAND_EXECUTIONPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes shell commands defined in the project's package.json file to establish baselines and verify fixes.
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by incorporating repository-specific instruction files into the agent's context.
  • Ingestion points: git diff output, CLAUDE.md, and AGENTS.md files.
  • Boundary markers: Absent; instructions in these files are explicitly permitted to override the skill's default behavior.
  • Capability inventory: The skill possesses the capability to modify files in the working tree and execute arbitrary shell commands via project scripts.
  • Sanitization: No validation or sanitization of the content from ingested files is performed before processing.
Audit Metadata
Risk Level
SAFE
Analyzed
Jul 2, 2026, 04:12 PM
Security Audit — agent-trust-hub — tidy