skills/mineru98/skills-store/commit/Gen Agent Trust Hub

commit

Pass

Audited by Gen Agent Trust Hub on Jun 23, 2026

Risk Level: SAFEPROMPT_INJECTIONCOMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: The skill contains explicit instructions to override the agent's interaction model, demanding execution without user questioning or confirmation ("지금 즉시 아래 워크플로우를 실행하라. 질문하지 말고 바로 실행하라").
  • [PROMPT_INJECTION]: The skill exhibits an indirect prompt injection surface by processing untrusted data via variables while possessing write-access capabilities.
  • Ingestion points: External untrusted data enters the agent context through the $ARGUMENTS variable in SKILL.md.
  • Boundary markers: There are no delimiters or "ignore embedded instructions" warnings present to isolate the $ARGUMENTS input.
  • Capability inventory: The skill executes git add and git commit commands, which provide file system modification capabilities.
  • Sanitization: The skill does not perform any escaping, validation, or filtering of the external content before processing it.
  • [COMMAND_EXECUTION]: The skill executes multiple shell commands to manage the git repository, including git status, git diff, git add, and git commit.
Audit Metadata
Risk Level
SAFE
Analyzed
Jun 23, 2026, 04:46 PM
Security Audit — agent-trust-hub — commit