Skills
skills/metalbear-co/skills/mirrord-config/Gen Agent Trust Hub

mirrord-config

Pass

Audited by Gen Agent Trust Hub on May 11, 2026

Risk Level: SAFECOMMAND_EXECUTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill is designed to check for the local presence of the mirrord CLI and use it for authoritative configuration validation. The instructions include explicit safeguards to ensure the agent does not execute any commands derived from user-provided configuration values.
  • [EXTERNAL_DOWNLOADS]: The reference files contain links to official documentation on mirrord.dev and source code/images on GitHub and GitHub Container Registry (ghcr.io). These are well-known services and the resources belong to the official project repository.
  • [PROMPT_INJECTION]: The instructions incorporate a security boundary, directing the agent to treat all user-provided JSON content as data only and to ignore any embedded instructions. This effectively mitigates indirect prompt injection risks.
  • [REMOTE_CODE_EXECUTION]: The skill specifically prohibits the generation of remote pipe-to-shell installation commands or mandatory package manager one-liners, ensuring that users are directed to official installation paths instead.
Audit Metadata
Risk Level
SAFE
Analyzed
May 11, 2026, 09:14 AM