Skills
skills/nangongwentian-fe/jay-skills/sync-global-rules/Gen Agent Trust Hub

sync-global-rules

Pass

Audited by Gen Agent Trust Hub on Apr 1, 2026

Risk Level: SAFECOMMAND_EXECUTIONEXTERNAL_DOWNLOADSPROMPT_INJECTION
Full Analysis
  • [COMMAND_EXECUTION]: The skill executes local shell scripts (check_updates.sh and sync.sh) to perform version checks, create file backups, and synchronize configuration data.
  • [EXTERNAL_DOWNLOADS]: Fetches markdown files and repository metadata from the author's GitHub repository (nangongwentian-fe/Awesome-GlobalRule) using the GitHub CLI (gh api). These downloads are handled neutrally as they originate from the vendor's own established repository.
  • [INDIRECT_PROMPT_INJECTION]: This skill downloads and installs remote markdown files that are subsequently used as 'global rules' for the AI agent (CLAUDE.md, AGENTS.md). This creates an attack surface where the agent's behavior could be altered by external content without direct user verification of the rule logic.
  • Ingestion points: Remote markdown files from the Awesome-GlobalRule repository.
  • Boundary markers: Absent; the downloaded files are installed directly as system-level instructions.
  • Capability inventory: The skill scripts have the ability to write to sensitive local tool directories (~/.claude/ and ~/.codex/) and create local backups.
  • Sanitization: No validation or sanitization of the downloaded markdown content is performed before it is applied to the agent's active configuration.
Audit Metadata
Risk Level
SAFE
Analyzed
Apr 1, 2026, 09:01 AM